CVE-2020-27918

 

Published at: - 08-12-2020 11:15

Last modified: - 12-10-2022 05:57

Total changes: - 10

Description

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

 

Verification logic

 

Reference

• https://support.apple.com/en-us/HT211929
• https://support.apple.com/en-us/HT211928
• https://support.apple.com/en-us/HT211935
• https://support.apple.com/en-us/HT211931
• https://support.apple.com/en-us/HT211934
• https://support.apple.com/en-us/HT211933
• https://support.apple.com/en-us/HT211930
• 20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1-Mailing List, Third Party Advisory
• [oss-security] 20210322 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0002-Mailing List, Third Party Advisory
• FEDORA-2021-8070916f7a-Mailing List, Third Party Advisory
• DSA-4877-Third Party Advisory
• FEDORA-2021-864dc37032-Mailing List, Third Party Advisory
• FEDORA-2021-619711d709-Mailing List, Third Party Advisory
• GLSA-202104-03-Third Party Advisory

 

Keywords

NVD

 

CVE-2020-27918

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures