8.8

CVE-2020-9983

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiCloud Version11.5 SwPlatformwindows
AppleiTunes Version12.10.9 SwPlatformwindows
AppleSafari Version < 14.0
AppleiPadOS Version < 14.0
AppleiPhone OS Version < 14.0
AppletvOS Version14.0
ApplewatchOS Version7.0
FedoraprojectFedora Version32
FedoraprojectFedora Version33
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2% 0.781
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://seclists.org/fulldisclosure/2020/Nov/20
Third Party Advisory
Mailing List
https://support.apple.com/kb/HT211850
Vendor Advisory
http://seclists.org/fulldisclosure/2020/Nov/19
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2020/Nov/22
Third Party Advisory
Mailing List
https://support.apple.com/kb/HT211843
Vendor Advisory
https://support.apple.com/kb/HT211844
Vendor Advisory
https://support.apple.com/kb/HT211935
Vendor Advisory
https://support.apple.com/kb/HT211952
Vendor Advisory
http://seclists.org/fulldisclosure/2020/Nov/18
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2020/11/23/3
Third Party Advisory
Mailing List
https://security.gentoo.org/glsa/202012-10
Third Party Advisory
https://support.apple.com/HT211845
Vendor Advisory
Release Notes
https://www.debian.org/security/2020/dsa-4797
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY2OBQZFMEFZOSWXPXHPEHOJXXILEEX2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PDGBNKYT7NMW7CJ26YFUPUHPJVYGV7IQ/