cbcvebase.
CVE-2020-3870
published 2020-02-27

CVE-2020-3870: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1…

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution.

Affected

9 ranges
VendorProductVersion rangeFixed in
appleios>= unspecified < iOS 13.3.1 and iPadOS 13.3.1iOS 13.3.1 and iPadOS 13.3.1
appleipados< 13.3.113.3.1
appleiphone_os< 13.3.113.3.1
applemac_os_x< 10.15.310.15.3
applemacos>= unspecified < macOS Catalina 10.15.3macOS Catalina 10.15.3
appletvos< 13.3.113.3.1
appletvos>= unspecified < tvOS 13.3.1tvOS 13.3.1
applewatchos< 6.1.26.1.2
applewatchos>= unspecified < watchOS 6.1.2watchOS 6.1.2