CVE-2020-9994
published 2020-10-22CVE-2020-9994: A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS…
high7.1CVSS 3.1
AVLACLPRNUIRSUCNIHAH
A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to overwrite arbitrary files.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | >= unspecified < iOS 13.5 and iPadOS 13.5 | iOS 13.5 and iPadOS 13.5 |
| apple | ipados | < 13.5 | 13.5 |
| apple | iphone_os | < 13.5 | 13.5 |
| apple | mac_os_x | < 10.15.5 | 10.15.5 |
| apple | macos | >= unspecified < macOS Catalina 10.15.5 | macOS Catalina 10.15.5 |
| apple | macos_catalina_10.15.6_security_update_2020-004_mojave_security_update_2020-004 | — | — |
| apple | tvos | < 13.4.5 | 13.4.5 |
| apple | tvos | >= unspecified < tvOS 13.4.5 | tvOS 13.4.5 |
| apple | watchos | < 6.2.5 | 6.2.5 |
| apple | watchos | >= unspecified < watchOS 6.2.5 | watchOS 6.2.5 |