CVE-2021-1739
published 2021-09-08CVE-2021-1739: A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNIHAN
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_14.5_and_ipados | — | — |
| apple | ios_and_ipados | >= unspecified < 14.5 | 14.5 |
| apple | ipados | < 14.5 | 14.5 |
| apple | iphone_os | < 14.5 | 14.5 |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | 10.14 – 10.14.5 | — |
| apple | mac_os_x | 10.15 – 10.15.5 | — |
| apple | macos | >= 11.0 < 11.3 | 11.3 |
| apple | macos | >= unspecified < 11.3 | 11.3 |
| apple | macos | >= unspecified < 2021 | 2021 |
| apple | macos_big_sur | — | — |
| apple | security_update_2021-002_catalina | — | — |
| apple | tvos | < 14.5 | 14.5 |
| apple | tvos | >= unspecified < 14.5 | 14.5 |
| apple | watchos | < 7.4 | 7.4 |
| apple | watchos | >= unspecified < 7.4 | 7.4 |