CVE-2020-9947

 

Published at: - 08-12-2020 09:15

Last modified: - 02-06-2022 08:56

Total changes: - 7

Description

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

 

Verification logic

 

Reference

• https://support.apple.com/en-us/HT211935
• https://support.apple.com/en-us/HT211844
• https://support.apple.com/en-us/HT211843
• https://support.apple.com/en-us/HT211845
• https://support.apple.com/en-us/HT211850
• https://support.apple.com/en-us/HT211952
• [oss-security] 20210322 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0002-Mailing List, Third Party Advisory
• GLSA-202104-03-Third Party Advisory

 

Keywords

NVD

 

CVE-2020-9947

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures