Search

Find a vulnerability

Search criteria

    362 vulnerabilities found for iCloud for Windows by Apple

    CVE-2022-46698 (GCVE-0-2022-46698)

    Vulnerability from nvd – Published: 2022-12-15 00:00 – Updated: 2025-04-21 13:47
    VLAI
    Summary
    A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Processing maliciously crafted web content may disclose sensitive user information
    • CWE-693 - Protection Mechanism Failure
    Assigner
    Impacted products
    Vendor Product Version
    Apple iCloud for Windows Affected: unspecified , < 14.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 16.2 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.1 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 9.2 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 16.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:39:38.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213535"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213532"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213538"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213530"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213536"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213537"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/28"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/27"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202305-32"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-46698",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-21T13:47:18.595342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-693",
                    "description": "CWE-693 Protection Mechanism Failure",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:47:23.617Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "9.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may disclose sensitive user information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-30T05:10:14.768Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "url": "https://support.apple.com/en-us/HT213535"
            },
            {
              "url": "https://support.apple.com/en-us/HT213532"
            },
            {
              "url": "https://support.apple.com/en-us/HT213538"
            },
            {
              "url": "https://support.apple.com/en-us/HT213530"
            },
            {
              "url": "https://support.apple.com/en-us/HT213536"
            },
            {
              "url": "https://support.apple.com/en-us/HT213537"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/28"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/27"
            },
            {
              "url": "https://security.gentoo.org/glsa/202305-32"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2022-46698",
        "datePublished": "2022-12-15T00:00:00.000Z",
        "dateReserved": "2022-12-07T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:47:23.617Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-46693 (GCVE-0-2022-46693)

    Vulnerability from nvd – Published: 2022-12-15 00:00 – Updated: 2025-04-21 14:25
    VLAI
    Summary
    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Processing a maliciously crafted file may lead to arbitrary code execution
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Apple iCloud for Windows Affected: unspecified , < 14.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 16.2 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.1 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 9.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:39:38.594Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213535"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213532"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213538"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213530"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213536"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/27"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-46693",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-21T14:24:47.601795Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T14:25:11.469Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "9.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing a maliciously crafted file may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-21T00:00:00.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "url": "https://support.apple.com/en-us/HT213535"
            },
            {
              "url": "https://support.apple.com/en-us/HT213532"
            },
            {
              "url": "https://support.apple.com/en-us/HT213538"
            },
            {
              "url": "https://support.apple.com/en-us/HT213530"
            },
            {
              "url": "https://support.apple.com/en-us/HT213536"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/27"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2022-46693",
        "datePublished": "2022-12-15T00:00:00.000Z",
        "dateReserved": "2022-12-07T00:00:00.000Z",
        "dateUpdated": "2025-04-21T14:25:11.469Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-46692 (GCVE-0-2022-46692)

    Vulnerability from nvd – Published: 2022-12-15 00:00 – Updated: 2025-04-21 14:27
    VLAI
    Summary
    A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Processing maliciously crafted web content may bypass Same Origin Policy
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    Impacted products
    Vendor Product Version
    Apple iCloud for Windows Affected: unspecified , < 14.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 16.2 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 15.7 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 9.2 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 16.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:39:38.222Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213535"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213532"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213538"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213530"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213531"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213536"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213537"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/21"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/28"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202305-32"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-46692",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-21T14:27:01.532535Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-345",
                    "description": "CWE-345 Insufficient Verification of Data Authenticity",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T14:27:34.750Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "15.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "9.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may bypass Same Origin Policy",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-30T05:09:55.806Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "url": "https://support.apple.com/en-us/HT213535"
            },
            {
              "url": "https://support.apple.com/en-us/HT213532"
            },
            {
              "url": "https://support.apple.com/en-us/HT213538"
            },
            {
              "url": "https://support.apple.com/en-us/HT213530"
            },
            {
              "url": "https://support.apple.com/en-us/HT213531"
            },
            {
              "url": "https://support.apple.com/en-us/HT213536"
            },
            {
              "url": "https://support.apple.com/en-us/HT213537"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/21"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/28"
            },
            {
              "url": "https://security.gentoo.org/glsa/202305-32"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2022-46692",
        "datePublished": "2022-12-15T00:00:00.000Z",
        "dateReserved": "2022-12-07T00:00:00.000Z",
        "dateUpdated": "2025-04-21T14:27:34.750Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-36521 (GCVE-0-2020-36521)

    Vulnerability from nvd – Published: 2022-09-23 18:58 – Updated: 2025-05-22 15:33
    VLAI
    Summary
    An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iOS and iPadOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 11.4 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.21 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.0 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:30:08.378Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211843"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211850"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211844"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211952"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211847"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211846"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-36521",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-22T15:33:51.276210Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-22T15:33:57.293Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.21",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-23T18:58:31.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211843"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211850"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211844"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211952"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211847"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211846"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2020-36521",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.21"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT211843",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211843"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211850",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211850"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211844",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211844"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211952",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211952"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211847",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211847"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211846",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211846"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2020-36521",
        "datePublished": "2022-09-23T18:58:31.000Z",
        "dateReserved": "2022-03-28T00:00:00.000Z",
        "dateUpdated": "2025-05-22T15:33:57.293Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-4302 (GCVE-0-2018-4302)

    Vulnerability from nvd – Published: 2021-12-23 19:48 – Updated: 2024-08-05 05:11
    VLAI
    Summary
    A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS Affected: unspecified , < 11 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 4 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.7 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.0 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 10.13 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:11:22.509Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT208144"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT208112"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT208115"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT208141"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT208142"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.13",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-23T19:48:29.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT208144"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT208112"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT208115"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT208141"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT208142"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2018-4302",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT208144",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT208144"
                },
                {
                  "name": "https://support.apple.com/en-us/HT208112",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT208112"
                },
                {
                  "name": "https://support.apple.com/en-us/HT208115",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT208115"
                },
                {
                  "name": "https://support.apple.com/en-us/HT208141",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT208141"
                },
                {
                  "name": "https://support.apple.com/en-us/HT208142",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT208142"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2018-4302",
        "datePublished": "2021-12-23T19:48:29.000Z",
        "dateReserved": "2018-01-02T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:11:22.509Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1857 (GCVE-0-2021-1857)

    Vulnerability from nvd – Published: 2021-09-08 14:44 – Updated: 2024-08-03 16:25
    VLAI
    Summary
    A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may disclose sensitive user information.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may disclose sensitive user information
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.11 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 12.3 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.4 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 11.3 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 2021 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:25:06.165Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212317"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212323"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212324"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212325"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212326"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212327"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212319"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212321"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "2021",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "2021",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may disclose sensitive user information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may disclose sensitive user information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-08T14:44:51.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212317"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212323"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212324"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212325"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212326"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212327"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212319"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212321"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2021-1857",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.11"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "2021"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "2021"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may disclose sensitive user information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may disclose sensitive user information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT212317",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212317"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212323",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212323"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212324",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212324"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212325",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212325"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212326",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212326"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212327",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212327"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212319",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212319"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212321",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212321"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2021-1857",
        "datePublished": "2021-09-08T14:44:51.000Z",
        "dateReserved": "2020-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:25:06.165Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1825 (GCVE-0-2021-1825)

    Vulnerability from nvd – Published: 2021-09-08 14:55 – Updated: 2024-08-03 16:25
    VLAI
    Summary
    An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to a cross site scripting attack
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 14.1 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.11 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 12.3 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.4 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 11.3 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:25:05.904Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212317"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212323"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212324"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212325"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212318"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212319"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212321"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to a cross site scripting attack",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-08T14:55:15.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212317"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212323"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212324"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212325"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212318"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212319"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212321"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2021-1825",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.11"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to a cross site scripting attack"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT212317",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212317"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212323",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212323"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212324",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212324"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212325",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212325"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212318",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212318"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212319",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212319"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212321",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212321"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2021-1825",
        "datePublished": "2021-09-08T14:55:15.000Z",
        "dateReserved": "2020-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:25:05.904Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1811 (GCVE-0-2021-1811)

    Vulnerability from nvd – Published: 2021-09-08 14:55 – Updated: 2024-08-03 16:25
    VLAI
    Summary
    A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted font may result in the disclosure of process memory.
    Severity
    No CVSS data available.
    CWE
    • Processing a maliciously crafted font may result in the disclosure of process memory
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.11 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 12.3 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.4 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 11.3 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 2021 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:25:06.271Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212317"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212323"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212324"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212325"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212326"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212327"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212319"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212321"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "2021",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "2021",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted font may result in the disclosure of process memory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing a maliciously crafted font may result in the disclosure of process memory",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-08T14:55:54.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212317"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212323"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212324"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212325"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212326"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212327"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212319"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212321"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2021-1811",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.11"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "2021"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "2021"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted font may result in the disclosure of process memory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing a maliciously crafted font may result in the disclosure of process memory"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT212317",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212317"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212323",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212323"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212324",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212324"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212325",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212325"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212326",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212326"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212327",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212327"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212319",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212319"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212321",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212321"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2021-1811",
        "datePublished": "2021-09-08T14:55:54.000Z",
        "dateReserved": "2020-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:25:06.271Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9991 (GCVE-0-2020-9991)

    Vulnerability from nvd – Published: 2020-12-08 21:11 – Updated: 2024-08-04 10:50
    VLAI
    Summary
    This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to cause a denial of service.
    Severity
    No CVSS data available.
    CWE
    • A remote attacker may be able to cause a denial of service
    Assigner
    Impacted products
    Vendor Product Version
    Apple tvOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.0 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.21 (custom)
    Create a notification for this product.
    Apple iOS and iPadOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 11.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:50:57.927Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/kb/HT211846"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211843"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211850"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211844"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211931"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211847"
              },
              {
                "name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2020/Dec/32"
              },
              {
                "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.21",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to cause a denial of service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "A remote attacker may be able to cause a denial of service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-25T16:06:32.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.apple.com/kb/HT211846"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211843"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211850"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211844"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211931"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211847"
            },
            {
              "name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2020/Dec/32"
            },
            {
              "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2020-9991",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.21"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to cause a denial of service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "A remote attacker may be able to cause a denial of service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/kb/HT211846",
                  "refsource": "CONFIRM",
                  "url": "https://support.apple.com/kb/HT211846"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211843",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211843"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211850",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211850"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211844",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211844"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211931",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211931"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211847",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211847"
                },
                {
                  "name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2020/Dec/32"
                },
                {
                  "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2020-9991",
        "datePublished": "2020-12-08T21:11:39.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:50:57.927Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9947 (GCVE-0-2020-9947)

    Vulnerability from nvd – Published: 2020-12-08 19:21 – Updated: 2024-08-04 10:50
    VLAI
    Summary
    A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple tvOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.0 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple iOS and iPadOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 11.5 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:50:57.199Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211843"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211850"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211844"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211935"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211952"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211845"
              },
              {
                "name": "[oss-security] 20210322 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0002",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2021/03/22/1"
              },
              {
                "name": "GLSA-202104-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202104-03"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-01T01:06:24.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211843"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211850"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211844"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211935"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211952"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211845"
            },
            {
              "name": "[oss-security] 20210322 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0002",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/03/22/1"
            },
            {
              "name": "GLSA-202104-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202104-03"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2020-9947",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT211843",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211843"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211850",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211850"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211844",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211844"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211935",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211935"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211952",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211952"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211845",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211845"
                },
                {
                  "name": "[oss-security] 20210322 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0002",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2021/03/22/1"
                },
                {
                  "name": "GLSA-202104-03",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202104-03"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2020-9947",
        "datePublished": "2020-12-08T19:21:36.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:50:57.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3864 (GCVE-0-2020-3864)

    Vulnerability from nvd – Published: 2020-10-27 20:10 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.
    Severity
    No CVSS data available.
    CWE
    • A DOM object context may not have had a unique security origin
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 13.3 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.3 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 13.0 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 10.9 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.17 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:51.250Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210947"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210918"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210920"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210922"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210923"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210948"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.9",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.17",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "A DOM object context may not have had a unique security origin",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-27T20:10:02.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210947"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210918"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210920"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210922"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210923"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210948"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2020-3864",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.17"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "A DOM object context may not have had a unique security origin"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT210947",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210947"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210918",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210918"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210920",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210920"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210922",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210922"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210923",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210923"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210948",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210948"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2020-3864",
        "datePublished": "2020-10-27T20:10:02.000Z",
        "dateReserved": "2019-12-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:51.250Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8846 (GCVE-0-2019-8846)

    Vulnerability from nvd – Published: 2020-10-27 20:07 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 13.3 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.3 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 13.0 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 10.9 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.16 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:37.505Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210785"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210790"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210793"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210794"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210792"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210795"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.9",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.16",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-27T20:07:50.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210785"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210790"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210793"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210794"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210792"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210795"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8846",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.16"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT210785",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210785"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210790",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210790"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210793",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210793"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210794",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210794"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210792",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210792"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210795",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210795"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8846",
        "datePublished": "2020-10-27T20:07:50.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:37.505Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8844 (GCVE-0-2019-8844)

    Vulnerability from nvd – Published: 2020-10-27 19:55 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 13.3 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 6.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.3 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 13.0 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 10.9 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.16 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:37.471Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210785"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210789"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210790"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210793"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210794"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210792"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210795"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "6.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.9",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.16",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-27T19:55:10.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210785"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210789"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210790"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210793"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210794"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210792"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210795"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8844",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "6.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.16"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT210785",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210785"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210789",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210789"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210790",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210790"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210793",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210793"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210794",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210794"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210792",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210792"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210795",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210795"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8844",
        "datePublished": "2020-10-27T19:55:10.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:37.471Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8835 (GCVE-0-2019-8835)

    Vulnerability from nvd – Published: 2020-10-27 19:53 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 13.3 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.3 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 13.0 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 10.9 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.16 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:37.455Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210785"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210790"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210793"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210794"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210792"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210795"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.9",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.16",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-27T19:53:59.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210785"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210790"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210793"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210794"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210792"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210795"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8835",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.9"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.16"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT210785",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210785"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210790",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210790"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210793",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210793"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210794",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210794"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210792",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210792"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210795",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210795"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8835",
        "datePublished": "2020-10-27T19:53:59.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:37.455Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8827 (GCVE-0-2019-8827)

    Vulnerability from nvd – Published: 2020-10-27 19:53 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited.
    Severity
    No CVSS data available.
    CWE
    • Visiting a maliciously crafted website may reveal the sites a user has visited
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 13.2 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.2 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 13.0 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.15 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 10.9 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:37.074Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210721"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210723"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210725"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210726"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210728"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210947"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.15",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.9",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Visiting a maliciously crafted website may reveal the sites a user has visited",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-27T19:53:30.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210721"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210723"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210725"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210726"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210728"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210947"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8827",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.2"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.15"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.9"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Visiting a maliciously crafted website may reveal the sites a user has visited"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT210721",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210721"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210723",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210723"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210725",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210725"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210726",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210726"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210728",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210728"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210947",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210947"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8827",
        "datePublished": "2020-10-27T19:53:30.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:37.074Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8773 (GCVE-0-2019-8773)

    Vulnerability from nvd – Published: 2020-10-27 19:48 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 13.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 13.0 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 6 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 10.7 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.14 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:37.000Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210604"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210607"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210603"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210635"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210636"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210637"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210605"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "6",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.14",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-27T19:48:41.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210604"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210607"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210603"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210635"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210636"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210637"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210605"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8773",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "6"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT210604",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210604"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210607",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210607"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210603",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210603"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210635",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210635"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210636",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210636"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210637",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210637"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210605",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210605"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8773",
        "datePublished": "2020-10-27T19:48:41.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:37.000Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8762 (GCVE-0-2019-8762)

    Vulnerability from nvd – Published: 2020-10-27 19:46 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to universal cross site scripting
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 13.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 13.0 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 10.7 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.14 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:36.891Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210604"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210603"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210635"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210636"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210637"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210605"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.14",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to universal cross site scripting",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-27T19:46:34.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210604"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210603"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210635"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210636"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210637"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210605"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8762",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to universal cross site scripting"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT210604",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210604"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210603",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210603"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210635",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210635"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210636",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210636"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210637",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210637"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210605",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210605"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8762",
        "datePublished": "2020-10-27T19:46:34.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:36.891Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8752 (GCVE-0-2019-8752)

    Vulnerability from nvd – Published: 2020-10-27 19:45 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 13.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 13.0 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 6 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 10.7 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.14 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:36.278Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210604"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210607"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210603"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210635"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210636"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210637"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210605"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "6",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.14",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-27T19:45:29.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210604"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210607"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210603"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210635"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210636"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210637"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210605"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8752",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "6"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT210604",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210604"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210607",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210607"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210603",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210603"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210635",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210635"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210636",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210636"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210637",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210637"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210605",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210605"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8752",
        "datePublished": "2020-10-27T19:45:29.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:36.278Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8751 (GCVE-0-2019-8751)

    Vulnerability from nvd – Published: 2020-10-27 19:46 – Updated: 2024-08-04 21:31
    VLAI
    Summary
    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 13.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 13.0 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 6 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 10.7 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.14 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:31:35.791Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210604"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210607"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210603"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210635"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210636"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210637"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210605"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "6",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.14",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-27T19:46:54.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210604"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210607"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210603"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210635"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210636"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210637"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210605"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8751",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "6"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT210604",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210604"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210607",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210607"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210603",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210603"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210635",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210635"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210636",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210636"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210637",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210637"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210605",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210605"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8751",
        "datePublished": "2020-10-27T19:46:54.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:31:35.791Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8734 (GCVE-0-2019-8734)

    Vulnerability from nvd – Published: 2020-10-27 19:43 – Updated: 2024-08-04 21:24
    VLAI
    Summary
    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple tvOS Affected: unspecified , < 13 (custom)
    Create a notification for this product.
    Apple iOS Affected: unspecified , < 13 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 6 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 13 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 10.7 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.14 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:24:29.612Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210604"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210606"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210607"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210608"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210635"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210636"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT210637"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "6",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.14",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-27T19:43:13.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210604"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210606"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210607"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210608"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210635"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210636"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT210637"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2019-8734",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "6"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "13"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.14"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT210604",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210604"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210606",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210606"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210607",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210607"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210608",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210608"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210635",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210635"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210636",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210636"
                },
                {
                  "name": "https://support.apple.com/en-us/HT210637",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT210637"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2019-8734",
        "datePublished": "2020-10-27T19:43:13.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:24:29.612Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-46698 (GCVE-0-2022-46698)

    Vulnerability from cvelistv5 – Published: 2022-12-15 00:00 – Updated: 2025-04-21 13:47
    VLAI
    Summary
    A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Processing maliciously crafted web content may disclose sensitive user information
    • CWE-693 - Protection Mechanism Failure
    Assigner
    Impacted products
    Vendor Product Version
    Apple iCloud for Windows Affected: unspecified , < 14.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 16.2 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.1 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 9.2 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 16.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:39:38.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213535"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213532"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213538"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213530"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213536"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213537"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/28"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/27"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202305-32"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-46698",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-21T13:47:18.595342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-693",
                    "description": "CWE-693 Protection Mechanism Failure",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T13:47:23.617Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "9.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may disclose sensitive user information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-30T05:10:14.768Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "url": "https://support.apple.com/en-us/HT213535"
            },
            {
              "url": "https://support.apple.com/en-us/HT213532"
            },
            {
              "url": "https://support.apple.com/en-us/HT213538"
            },
            {
              "url": "https://support.apple.com/en-us/HT213530"
            },
            {
              "url": "https://support.apple.com/en-us/HT213536"
            },
            {
              "url": "https://support.apple.com/en-us/HT213537"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/28"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/27"
            },
            {
              "url": "https://security.gentoo.org/glsa/202305-32"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2022-46698",
        "datePublished": "2022-12-15T00:00:00.000Z",
        "dateReserved": "2022-12-07T00:00:00.000Z",
        "dateUpdated": "2025-04-21T13:47:23.617Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-46693 (GCVE-0-2022-46693)

    Vulnerability from cvelistv5 – Published: 2022-12-15 00:00 – Updated: 2025-04-21 14:25
    VLAI
    Summary
    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Processing a maliciously crafted file may lead to arbitrary code execution
    • CWE-787 - Out-of-bounds Write
    Assigner
    Impacted products
    Vendor Product Version
    Apple iCloud for Windows Affected: unspecified , < 14.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 16.2 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.1 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 9.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:39:38.594Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213535"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213532"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213538"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213530"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213536"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/27"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-46693",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-21T14:24:47.601795Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-787",
                    "description": "CWE-787 Out-of-bounds Write",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T14:25:11.469Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "9.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing a maliciously crafted file may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-21T00:00:00.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "url": "https://support.apple.com/en-us/HT213535"
            },
            {
              "url": "https://support.apple.com/en-us/HT213532"
            },
            {
              "url": "https://support.apple.com/en-us/HT213538"
            },
            {
              "url": "https://support.apple.com/en-us/HT213530"
            },
            {
              "url": "https://support.apple.com/en-us/HT213536"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-8 watchOS 9.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/27"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2022-46693",
        "datePublished": "2022-12-15T00:00:00.000Z",
        "dateReserved": "2022-12-07T00:00:00.000Z",
        "dateUpdated": "2025-04-21T14:25:11.469Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-46692 (GCVE-0-2022-46692)

    Vulnerability from cvelistv5 – Published: 2022-12-15 00:00 – Updated: 2025-04-21 14:27
    VLAI
    Summary
    A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Processing maliciously crafted web content may bypass Same Origin Policy
    • CWE-345 - Insufficient Verification of Data Authenticity
    Assigner
    Impacted products
    Vendor Product Version
    Apple iCloud for Windows Affected: unspecified , < 14.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 16.2 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 13.1 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 15.7 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 9.2 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 16.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:39:38.222Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213535"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213532"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213538"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213530"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213531"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213536"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT213537"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/21"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
              },
              {
                "name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2022/Dec/28"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202305-32"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-46692",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-21T14:27:01.532535Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-345",
                    "description": "CWE-345 Insufficient Verification of Data Authenticity",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-21T14:27:34.750Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "13.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "15.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "9.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "16.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may bypass Same Origin Policy",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-30T05:09:55.806Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "url": "https://support.apple.com/en-us/HT213535"
            },
            {
              "url": "https://support.apple.com/en-us/HT213532"
            },
            {
              "url": "https://support.apple.com/en-us/HT213538"
            },
            {
              "url": "https://support.apple.com/en-us/HT213530"
            },
            {
              "url": "https://support.apple.com/en-us/HT213531"
            },
            {
              "url": "https://support.apple.com/en-us/HT213536"
            },
            {
              "url": "https://support.apple.com/en-us/HT213537"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/20"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/21"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/26"
            },
            {
              "name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2",
              "tags": [
                "mailing-list"
              ],
              "url": "http://seclists.org/fulldisclosure/2022/Dec/28"
            },
            {
              "url": "https://security.gentoo.org/glsa/202305-32"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2022-46692",
        "datePublished": "2022-12-15T00:00:00.000Z",
        "dateReserved": "2022-12-07T00:00:00.000Z",
        "dateUpdated": "2025-04-21T14:27:34.750Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-36521 (GCVE-0-2020-36521)

    Vulnerability from cvelistv5 – Published: 2022-09-23 18:58 – Updated: 2025-05-22 15:33
    VLAI
    Summary
    An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents
    • CWE-125 - Out-of-bounds Read
    Assigner
    Impacted products
    Vendor Product Version
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Apple iOS and iPadOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 11.4 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.21 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.0 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:30:08.378Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211843"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211850"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211844"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211952"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211847"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211846"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-36521",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-22T15:33:51.276210Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-125",
                    "description": "CWE-125 Out-of-bounds Read",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-22T15:33:57.293Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.21",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-09-23T18:58:31.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211843"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211850"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211844"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211952"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211847"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211846"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2020-36521",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.21"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT211843",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211843"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211850",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211850"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211844",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211844"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211952",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211952"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211847",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211847"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211846",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211846"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2020-36521",
        "datePublished": "2022-09-23T18:58:31.000Z",
        "dateReserved": "2022-03-28T00:00:00.000Z",
        "dateUpdated": "2025-05-22T15:33:57.293Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-4302 (GCVE-0-2018-4302)

    Vulnerability from cvelistv5 – Published: 2021-12-23 19:48 – Updated: 2024-08-05 05:11
    VLAI
    Summary
    A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS Affected: unspecified , < 11 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 4 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.7 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.0 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 10.13 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T05:11:22.509Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT208144"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT208112"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT208115"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT208141"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT208142"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "10.13",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-23T19:48:29.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT208144"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT208112"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT208115"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT208141"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT208142"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2018-4302",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT208144",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT208144"
                },
                {
                  "name": "https://support.apple.com/en-us/HT208112",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT208112"
                },
                {
                  "name": "https://support.apple.com/en-us/HT208115",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT208115"
                },
                {
                  "name": "https://support.apple.com/en-us/HT208141",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT208141"
                },
                {
                  "name": "https://support.apple.com/en-us/HT208142",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT208142"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2018-4302",
        "datePublished": "2021-12-23T19:48:29.000Z",
        "dateReserved": "2018-01-02T00:00:00.000Z",
        "dateUpdated": "2024-08-05T05:11:22.509Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1811 (GCVE-0-2021-1811)

    Vulnerability from cvelistv5 – Published: 2021-09-08 14:55 – Updated: 2024-08-03 16:25
    VLAI
    Summary
    A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted font may result in the disclosure of process memory.
    Severity
    No CVSS data available.
    CWE
    • Processing a maliciously crafted font may result in the disclosure of process memory
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.11 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 12.3 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.4 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 11.3 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 2021 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:25:06.271Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212317"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212323"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212324"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212325"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212326"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212327"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212319"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212321"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "2021",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "2021",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted font may result in the disclosure of process memory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing a maliciously crafted font may result in the disclosure of process memory",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-08T14:55:54.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212317"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212323"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212324"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212325"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212326"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212327"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212319"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212321"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2021-1811",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.11"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "2021"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "2021"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted font may result in the disclosure of process memory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing a maliciously crafted font may result in the disclosure of process memory"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT212317",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212317"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212323",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212323"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212324",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212324"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212325",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212325"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212326",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212326"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212327",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212327"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212319",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212319"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212321",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212321"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2021-1811",
        "datePublished": "2021-09-08T14:55:54.000Z",
        "dateReserved": "2020-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:25:06.271Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1825 (GCVE-0-2021-1825)

    Vulnerability from cvelistv5 – Published: 2021-09-08 14:55 – Updated: 2024-08-03 16:25
    VLAI
    Summary
    An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to a cross site scripting attack
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 14.1 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.11 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 12.3 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.4 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 11.3 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:25:05.904Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212317"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212323"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212324"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212325"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212318"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212319"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212321"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to a cross site scripting attack",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-08T14:55:15.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212317"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212323"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212324"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212325"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212318"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212319"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212321"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2021-1825",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.1"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.11"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to a cross site scripting attack"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT212317",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212317"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212323",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212323"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212324",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212324"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212325",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212325"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212318",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212318"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212319",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212319"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212321",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212321"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2021-1825",
        "datePublished": "2021-09-08T14:55:15.000Z",
        "dateReserved": "2020-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:25:05.904Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1857 (GCVE-0-2021-1857)

    Vulnerability from cvelistv5 – Published: 2021-09-08 14:44 – Updated: 2024-08-03 16:25
    VLAI
    Summary
    A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may disclose sensitive user information.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may disclose sensitive user information
    Assigner
    Impacted products
    Vendor Product Version
    Apple iOS and iPadOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.11 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 12.3 (custom)
    Create a notification for this product.
    Apple tvOS Affected: unspecified , < 14.5 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.4 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 11.3 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 2021 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:25:06.165Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212317"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212323"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212324"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212325"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212326"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212327"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212319"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT212321"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.3",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "2021",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "2021",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may disclose sensitive user information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may disclose sensitive user information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-08T14:44:51.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212317"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212323"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212324"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212325"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212326"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212327"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212319"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT212321"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2021-1857",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.11"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.3"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "2021"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "2021"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may disclose sensitive user information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may disclose sensitive user information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT212317",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212317"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212323",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212323"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212324",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212324"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212325",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212325"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212326",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212326"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212327",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212327"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212319",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212319"
                },
                {
                  "name": "https://support.apple.com/en-us/HT212321",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT212321"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2021-1857",
        "datePublished": "2021-09-08T14:44:51.000Z",
        "dateReserved": "2020-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T16:25:06.165Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9991 (GCVE-0-2020-9991)

    Vulnerability from cvelistv5 – Published: 2020-12-08 21:11 – Updated: 2024-08-04 10:50
    VLAI
    Summary
    This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to cause a denial of service.
    Severity
    No CVSS data available.
    CWE
    • A remote attacker may be able to cause a denial of service
    Assigner
    Impacted products
    Vendor Product Version
    Apple tvOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.0 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 7.21 (custom)
    Create a notification for this product.
    Apple iOS and iPadOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple macOS Affected: unspecified , < 11.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:50:57.927Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/kb/HT211846"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211843"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211850"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211844"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211931"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211847"
              },
              {
                "name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2020/Dec/32"
              },
              {
                "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.21",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "macOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to cause a denial of service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "A remote attacker may be able to cause a denial of service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-25T16:06:32.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.apple.com/kb/HT211846"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211843"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211850"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211844"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211931"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211847"
            },
            {
              "name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2020/Dec/32"
            },
            {
              "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2020-9991",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.21"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to cause a denial of service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "A remote attacker may be able to cause a denial of service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/kb/HT211846",
                  "refsource": "CONFIRM",
                  "url": "https://support.apple.com/kb/HT211846"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211843",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211843"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211850",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211850"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211844",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211844"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211931",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211931"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211847",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211847"
                },
                {
                  "name": "20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2020/Dec/32"
                },
                {
                  "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2020-9991",
        "datePublished": "2020-12-08T21:11:39.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:50:57.927Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9947 (GCVE-0-2020-9947)

    Vulnerability from cvelistv5 – Published: 2020-12-08 19:21 – Updated: 2024-08-04 10:50
    VLAI
    Summary
    A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Processing maliciously crafted web content may lead to arbitrary code execution
    Assigner
    Impacted products
    Vendor Product Version
    Apple tvOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple watchOS Affected: unspecified , < 7.0 (custom)
    Create a notification for this product.
    Apple Safari Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple iOS and iPadOS Affected: unspecified , < 14.0 (custom)
    Create a notification for this product.
    Apple iCloud for Windows Affected: unspecified , < 11.5 (custom)
    Create a notification for this product.
    Apple iTunes for Windows Affected: unspecified , < 12.10 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:50:57.199Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211843"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211850"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211844"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211935"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211952"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.apple.com/en-us/HT211845"
              },
              {
                "name": "[oss-security] 20210322 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0002",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2021/03/22/1"
              },
              {
                "name": "GLSA-202104-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202104-03"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "tvOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "watchOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "7.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Safari",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iOS and iPadOS",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "14.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iCloud for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "11.5",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "iTunes for Windows",
              "vendor": "Apple",
              "versions": [
                {
                  "lessThan": "12.10",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Processing maliciously crafted web content may lead to arbitrary code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-01T01:06:24.000Z",
            "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
            "shortName": "apple"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211843"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211850"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211844"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211935"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211952"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.apple.com/en-us/HT211845"
            },
            {
              "name": "[oss-security] 20210322 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0002",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/03/22/1"
            },
            {
              "name": "GLSA-202104-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202104-03"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "product-security@apple.com",
              "ID": "CVE-2020-9947",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "tvOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "watchOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "7.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Safari",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iOS and iPadOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "14.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iCloud for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "11.5"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "iTunes for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "12.10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Apple"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Processing maliciously crafted web content may lead to arbitrary code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.apple.com/en-us/HT211843",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211843"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211850",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211850"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211844",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211844"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211935",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211935"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211952",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211952"
                },
                {
                  "name": "https://support.apple.com/en-us/HT211845",
                  "refsource": "MISC",
                  "url": "https://support.apple.com/en-us/HT211845"
                },
                {
                  "name": "[oss-security] 20210322 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0002",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2021/03/22/1"
                },
                {
                  "name": "GLSA-202104-03",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202104-03"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "assignerShortName": "apple",
        "cveId": "CVE-2020-9947",
        "datePublished": "2020-12-08T19:21:36.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:50:57.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }