CVE-2020-29617Out-of-bounds Read in Apple IOS AND Ipados

CWE-125Out-of-bounds Read3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.4%
top 42.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Apple IOS AND IpadosApple MacosApple Tvos+5 more
Timeline
PublishedApr 2
Latest updateMay 24

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to heap corruption.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages11 packages

CVEListV5apple/tvosunspecified14.3
NVDapple/tvos< 14.3
CVEListV5apple/macosunspecified11.1+1
NVDapple/macos11.011.1.0
NVDapple/icloud< 12.0

🔴Vulnerability Details

2
GHSA
GHSA-m6h5-rrvc-44jh: An out-of-bounds read was addressed with improved input validation2022-05-24
CVEList
CVE-2020-29617: An out-of-bounds read was addressed with improved input validation2021-04-02
CVE-2020-29617 — Out-of-bounds Read in Apple | cvebase