cbcvebase.
CVE-2020-9894
published 2020-10-16

CVE-2020-9894: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2…

medium4.3CVSS 3.1
AVNACLPRNUIRSUCLINAN
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

Affected

21 ranges
VendorProductVersion rangeFixed in
appleicloud< 7.207.20
appleicloud>= 11.0 < 11.311.3
appleicloud_for_windows>= unspecified < iCloud for Windows 11.3iCloud for Windows 11.3
appleicloud_for_windows>= unspecified < iCloud for Windows 7.20iCloud for Windows 7.20
appleios>= unspecified < iOS 13.6 and iPadOS 13.6iOS 13.6 and iPadOS 13.6
appleios_13.6_and_ipados
appleipados< 13.613.6
appleiphone_os< 13.613.6
appleitunes< 12.10.812.10.8
appleitunes_for_windows>= unspecified < iTunes 12.10.8 for WindowsiTunes 12.10.8 for Windows
applesafari< 13.1.213.1.2
applesafari
applesafari>= unspecified < Safari 13.1.2Safari 13.1.2
appletvos< 13.4.813.4.8
appletvos
appletvos>= unspecified < tvOS 13.4.8tvOS 13.4.8
applewatchos< 6.2.86.2.8
applewatchos
applewatchos>= unspecified < watchOS 6.2.8watchOS 6.2.8
debianwebkit2gtk< webkit2gtk 2.28.4-1 (bookworm)webkit2gtk 2.28.4-1 (bookworm)
debianwpewebkit< webkit2gtk 2.28.4-1 (bookworm)webkit2gtk 2.28.4-1 (bookworm)

CVSS provenance

nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
osv4.3MEDIUM