About the security content of watchOS 6.1

2019-10-29T00:00:00

Description

# About the security content of watchOS 6.1 This document describes the security content of watchOS 6.1. ## About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page. Apple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible. For more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. ![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png) ## watchOS 6.1 Released October 29, 2019 **Accounts** Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at Technische Universität Darmstadt **AirDrop** Available for: Apple Watch Series 1 and later Impact: AirDrop transfers may be unexpectedly accepted while in Everyone mode Description: A logic issue was addressed with improved validation. CVE-2019-8796: Allison Husain of UC Berkeley Entry updated April 4, 2020 **App Store** Available for: Apple Watch Series 1 and later Impact: A local attacker may be able to login to the account of a previously logged in user without valid credentials. Description: An authentication issue was addressed with improved state management. CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu) **AppleFirmwareUpdateKext** Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2019-8747: Mohamed Ghannam (@_simo36) **Audio** Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8785: Ian Beer of Google Project Zero CVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure **Contacts** Available for: Apple Watch Series 1 and later Impact: Processing a maliciously contact may lead to UI spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com) **File System Events** Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero Day Initiative **Kernel** Available for: Apple Watch Series 1 and later Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure **Kernel** Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8786: Wen Xu of Georgia Tech, Microsoft Offensive Security Research Intern Entry updated November 18, 2019 **Kernel** Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2019-8829: Jann Horn of Google Project Zero Entry added November 8, 2019 **libxslt** Available for: Apple Watch Series 1 and later Impact: Multiple issues in libxslt Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2019-8750: found by OSS-Fuzz **VoiceOver** Available for: Apple Watch Series 1 and later Impact: A person with physical access to an iOS device may be able to access contacts from the lock screen Description: The issue was addressed by restricting options offered on a locked device. CVE-2019-8775: videosdebarraquito **WebKit** Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2019-8764: Sergei Glazunov of Google Project Zero **WebKit** Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group CVE-2019-8765: Samuel Groß of Google Project Zero CVE-2019-8766: found by OSS-Fuzz CVE-2019-8808: found by OSS-Fuzz CVE-2019-8811: Soyeon Park of SSLab at Georgia Tech CVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab CVE-2019-8816: Soyeon Park of SSLab at Georgia Tech CVE-2019-8820: Samuel Groß of Google Project Zero Entry updated November 18, 2019 ![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png) ## Additional recognition **boringssl** We would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum for their assistance. **CFNetwork** We would like to acknowledge Lily Chen of Google for their assistance. **Kernel** We would like to acknowledge Daniel Roethlisberger of Swisscom CSIRT, Jann Horn of Google Project Zero for their assistance. Entry updated November 8, 2019 **Safari** We would like to acknowledge Ron Summers, Ronald van der Meer for their assistance. Entry updated February 11, 2020 **WebKit** We would like to acknowledge Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance. Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information. Published Date: April 05, 2020

Affected Software

CPE Name	Name	Version
	watchos	6.1

{"id": "APPLE:7033CCA4E259F96F17D1D049B6D11BE0", "vendorId": null, "type": "apple", "bulletinFamily": "software", "title": "About the security content of watchOS 6.1", "description": "# About the security content of watchOS 6.1\n\nThis document describes the security content of watchOS 6.1.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## watchOS 6.1\n\nReleased October 29, 2019\n\n**Accounts**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n**AirDrop**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: AirDrop transfers may be unexpectedly accepted while in Everyone mode\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8796: Allison Husain of UC Berkeley\n\nEntry updated April 4, 2020\n\n**App Store**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A local attacker may be able to login to the account of a previously logged in user without valid credentials.\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8803: Kiyeon An, \ucc28\ubbfc\uaddc (CHA Minkyu)\n\n**AppleFirmwareUpdateKext**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8747: Mohamed Ghannam (@_simo36)\n\n**Audio**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8785: Ian Beer of Google Project Zero\n\nCVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure\n\n**Contacts**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously contact may lead to UI spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)\n\n**File System Events**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero Day Initiative\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8786: Wen Xu of Georgia Tech, Microsoft Offensive Security Research Intern\n\nEntry updated November 18, 2019\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8829: Jann Horn of Google Project Zero\n\nEntry added November 8, 2019\n\n**libxslt**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\n**VoiceOver**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A person with physical access to an iOS device may be able to access contacts from the lock screen\n\nDescription: The issue was addressed by restricting options offered on a locked device.\n\nCVE-2019-8775: videosdebarraquito\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8808: found by OSS-Fuzz\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nEntry updated November 18, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**boringssl**\n\nWe would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum for their assistance.\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Daniel Roethlisberger of Swisscom CSIRT, Jann Horn of Google Project Zero for their assistance.\n\nEntry updated November 8, 2019\n\n**Safari**\n\nWe would like to acknowledge Ron Summers, Ronald van der Meer for their assistance.\n\nEntry updated February 11, 2020\n\n**WebKit**\n\nWe would like to acknowledge Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: April 05, 2020\n", "published": "2019-10-29T00:00:00", "modified": "2019-10-29T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://support.apple.com/kb/HT210724", "reporter": "Apple", "references": ["https://support.apple.com/en-us/HT201222"], "cvelist": ["CVE-2017-7152", "CVE-2019-8743", "CVE-2019-8747", "CVE-2019-8750", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8775", "CVE-2019-8785", "CVE-2019-8786", "CVE-2019-8787", "CVE-2019-8794", "CVE-2019-8796", "CVE-2019-8797", "CVE-2019-8798", "CVE-2019-8803", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8816", "CVE-2019-8820", "CVE-2019-8829"], "immutableFields": [], "lastseen": "2022-02-19T19:29:56", "viewCount": 13, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:4451"]}, {"type": "amazon", "idList": ["ALAS2-2020-1563"]}, {"type": "apple", "idList": ["APPLE:07C404431E4E9AA795FF43515E579852", "APPLE:23F4B15F98B9E907DBA0469D5F0BC654", "APPLE:24F0CE6C0A090A12BFC0624F060D429D", "APPLE:356155132BDE067E2049C0C5B87F5F09", "APPLE:3CD8680715FC8DF4A758CC6012471868", "APPLE:4F5D2C20724C56D494032826B570F894", "APPLE:8962973934F6CCC5756D8D4DB8D1F37F", "APPLE:8C1FE42B64A09C7B23ECEB4773F3CF3C", "APPLE:A1A8D52172AE1DABB07F3860D96264D1", "APPLE:AA7D20441BD99D01D8BEDE3B9762EB04", "APPLE:B079F933FC53AA9BD392638EBBEA2490", "APPLE:B52E92BE35619FA480B979F2662F87F8", "APPLE:CC90AF91854DC3DAAF69A4D6FA63346F", "APPLE:D725BA42FF7DF9373C130EE10E8F427D", "APPLE:F0257CCC537810B8AB9FA8DCAF0EE8F6", "APPLE:F0DD36964D42DC3E67689751DBBFF908", "APPLE:F7CA1A5840C15D3C9444B9C7F4FBA655", "APPLE:HT208334", "APPLE:HT210603", "APPLE:HT210604", "APPLE:HT210605", "APPLE:HT210606", "APPLE:HT210634", "APPLE:HT210635", "APPLE:HT210636", "APPLE:HT210637", "APPLE:HT210721", "APPLE:HT210722", "APPLE:HT210723", "APPLE:HT210724", "APPLE:HT210725", "APPLE:HT210726", "APPLE:HT210727", "APPLE:HT210728", "APPLE:HT211134"]}, {"type": "centos", "idList": ["CESA-2020:4035"]}, {"type": "cve", "idList": ["CVE-2017-7152", "CVE-2019-8743", "CVE-2019-8747", "CVE-2019-8750", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8775", "CVE-2019-8785", "CVE-2019-8786", "CVE-2019-8787", "CVE-2019-8794", "CVE-2019-8796", "CVE-2019-8797", "CVE-2019-8798", "CVE-2019-8803", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8816", "CVE-2019-8820", "CVE-2019-8829"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4563-1:121E7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-8743", "DEBIANCVE:CVE-2019-8764", "DEBIANCVE:CVE-2019-8765", "DEBIANCVE:CVE-2019-8766", "DEBIANCVE:CVE-2019-8808", "DEBIANCVE:CVE-2019-8811", "DEBIANCVE:CVE-2019-8812", "DEBIANCVE:CVE-2019-8816", "DEBIANCVE:CVE-2019-8820"]}, {"type": "fedora", "idList": ["FEDORA:B29916092532", "FEDORA:C00126087A1E"]}, {"type": "freebsd", "idList": ["3E748551-C732-45F6-BD88-928DA16F23A8"]}, {"type": "gentoo", "idList": ["GLSA-202003-22"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:37170621F78D33B9DDE68A73E0A16294"]}, {"type": "kaspersky", "idList": ["KLA11592", "KLA11593", "KLA11602", "KLA11603"]}, {"type": "kitploit", "idList": ["KITPLOIT:8766743662298222785"]}, {"type": "mageia", "idList": ["MGASA-2019-0324"]}, {"type": "nessus", "idList": ["700544.PRM", "AL2_ALAS-2020-1563.NASL", "ALMA_LINUX_ALSA-2020-4451.NASL", "APPLE_IOS_112_CHECK.NBIN", "APPLE_IOS_131_CHECK.NBIN", "APPLE_IOS_132_CHECK.NBIN", "CENTOS8_RHSA-2020-4451.NASL", "CENTOS_RHSA-2020-4035.NASL", "DEBIAN_DSA-4563.NASL", "FEDORA_2019-4213E37211.NASL", "FEDORA_2019-FA0C4B0674.NASL", "FREEBSD_PKG_3E748551C73245F6BD88928DA16F23A8.NASL", "GENTOO_GLSA-202003-22.NASL", "ICLOUD_10_8.NASL", "ICLOUD_7_15.NASL", "ITUNES_12_10_2.NASL", "MACOS_HT210722.NASL", "NEWSTART_CGSL_NS-SA-2021-0041_WEBKITGTK4.NASL", "NEWSTART_CGSL_NS-SA-2021-0059_WEBKIT2GTK3.NASL", "NEWSTART_CGSL_NS-SA-2021-0166_WEBKITGTK4.NASL", "OPENSUSE-2019-2587.NASL", "OPENSUSE-2019-2591.NASL", "OPENSUSE-2022-0182-1.NASL", "ORACLELINUX_ELSA-2020-4035.NASL", "ORACLELINUX_ELSA-2020-4451.NASL", "REDHAT-RHSA-2020-4035.NASL", "REDHAT-RHSA-2020-4451.NASL", "SL_20201001_WEBKITGTK4_ON_SL7_X.NASL", "SUSE_SU-2019-3044-1.NASL", "SUSE_SU-2020-1135-1.NASL", "SUSE_SU-2022-0142-1.NASL", "SUSE_SU-2022-0182-1.NASL", "SUSE_SU-2022-0182-2.NASL", "SUSE_SU-2022-0183-1.NASL", "UBUNTU_USN-4181-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704563", "OPENVAS:1361412562310815818", "OPENVAS:1361412562310815819", "OPENVAS:1361412562310815820", "OPENVAS:1361412562310815821", "OPENVAS:1361412562310815822", "OPENVAS:1361412562310815826", "OPENVAS:1361412562310815827", "OPENVAS:1361412562310815828", "OPENVAS:1361412562310844232", "OPENVAS:1361412562310852791", "OPENVAS:1361412562310852964", "OPENVAS:1361412562310877012", "OPENVAS:1361412562310877211"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-4035", "ELSA-2020-4451"]}, {"type": "osv", "idList": ["OSV:DSA-4515-1", "OSV:DSA-4558-1", "OSV:DSA-4563-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:155030", "PACKETSTORM:155112"]}, {"type": "redhat", "idList": ["RHSA-2020:4035", "RHSA-2020:4451", "RHSA-2020:5605", "RHSA-2020:5633", "RHSA-2020:5635", "RHSA-2021:0050", "RHSA-2021:0190", "RHSA-2021:0436", "RHSA-2021:0799", "RHSA-2022:0056", "RHSA-2022:5924"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-8743", "RH:CVE-2019-8764", "RH:CVE-2019-8765", "RH:CVE-2019-8766", "RH:CVE-2019-8808", "RH:CVE-2019-8811", "RH:CVE-2019-8812", "RH:CVE-2019-8816", "RH:CVE-2019-8820"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2587-1", "OPENSUSE-SU-2019:2591-1", "OPENSUSE-SU-2022:0182-1", "OPENSUSE-SU-2022:0182-2"]}, {"type": "symantec", "idList": ["SMNTC-103136", "SMNTC-110206", "SMNTC-110660", "SMNTC-110663"]}, {"type": "ubuntu", "idList": ["USN-4181-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-8743", "UB:CVE-2019-8764", "UB:CVE-2019-8765", "UB:CVE-2019-8766", "UB:CVE-2019-8808", "UB:CVE-2019-8811", "UB:CVE-2019-8812", "UB:CVE-2019-8816", "UB:CVE-2019-8820"]}, {"type": "veracode", "idList": ["VERACODE:26674", "VERACODE:27411", "VERACODE:27413", "VERACODE:27414", "VERACODE:27420", "VERACODE:27421", "VERACODE:27422", "VERACODE:27426", "VERACODE:27428"]}, {"type": "zdi", "idList": ["ZDI-19-1009"]}, {"type": "zdt", "idList": ["1337DAY-ID-33433", "1337DAY-ID-33452"]}]}, "score": {"value": 0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:4451"]}, {"type": "amazon", "idList": ["ALAS2-2020-1563"]}, {"type": "apple", "idList": ["APPLE:07C404431E4E9AA795FF43515E579852", "APPLE:23F4B15F98B9E907DBA0469D5F0BC654", "APPLE:24F0CE6C0A090A12BFC0624F060D429D", "APPLE:356155132BDE067E2049C0C5B87F5F09", "APPLE:3CD8680715FC8DF4A758CC6012471868", "APPLE:4F5D2C20724C56D494032826B570F894", "APPLE:8962973934F6CCC5756D8D4DB8D1F37F", "APPLE:8C1FE42B64A09C7B23ECEB4773F3CF3C", "APPLE:A1A8D52172AE1DABB07F3860D96264D1", "APPLE:AA7D20441BD99D01D8BEDE3B9762EB04", "APPLE:B079F933FC53AA9BD392638EBBEA2490", "APPLE:B52E92BE35619FA480B979F2662F87F8", "APPLE:CC90AF91854DC3DAAF69A4D6FA63346F", "APPLE:D725BA42FF7DF9373C130EE10E8F427D", "APPLE:F0257CCC537810B8AB9FA8DCAF0EE8F6", "APPLE:F0DD36964D42DC3E67689751DBBFF908", "APPLE:F7CA1A5840C15D3C9444B9C7F4FBA655", "APPLE:HT208334", "APPLE:HT210603", "APPLE:HT210604", "APPLE:HT210605", "APPLE:HT210606", "APPLE:HT210634", "APPLE:HT210635", "APPLE:HT210636", "APPLE:HT210637", "APPLE:HT210721", "APPLE:HT210722", "APPLE:HT210723", "APPLE:HT210724", "APPLE:HT210725", "APPLE:HT210726", "APPLE:HT210727", "APPLE:HT210728", "APPLE:HT211134"]}, {"type": "centos", "idList": ["CESA-2020:4035"]}, {"type": "cve", "idList": ["CVE-2017-7152", "CVE-2019-8743", "CVE-2019-8747", "CVE-2019-8750", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8775", "CVE-2019-8785", "CVE-2019-8786", "CVE-2019-8787", "CVE-2019-8794", "CVE-2019-8797", "CVE-2019-8798", "CVE-2019-8803", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8816", "CVE-2019-8820"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4563-1:121E7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-8743", "DEBIANCVE:CVE-2019-8764", "DEBIANCVE:CVE-2019-8765", "DEBIANCVE:CVE-2019-8766", "DEBIANCVE:CVE-2019-8808", "DEBIANCVE:CVE-2019-8811", "DEBIANCVE:CVE-2019-8812", "DEBIANCVE:CVE-2019-8816", "DEBIANCVE:CVE-2019-8820"]}, {"type": "fedora", "idList": ["FEDORA:B29916092532", "FEDORA:C00126087A1E"]}, {"type": "freebsd", "idList": ["3E748551-C732-45F6-BD88-928DA16F23A8"]}, {"type": "gentoo", "idList": ["GLSA-202003-22"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:37170621F78D33B9DDE68A73E0A16294"]}, {"type": "kaspersky", "idList": ["KLA11592", "KLA11593", "KLA11602", "KLA11603"]}, {"type": "kitploit", "idList": ["KITPLOIT:8766743662298222785"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2019-8743/", "MSF:ILITIES/GENTOO-LINUX-CVE-2019-8764/", "MSF:ILITIES/GENTOO-LINUX-CVE-2019-8765/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2019-8766/"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1563.NASL", "CENTOS_RHSA-2020-4035.NASL", "DEBIAN_DSA-4563.NASL", "FEDORA_2019-4213E37211.NASL", "FEDORA_2019-FA0C4B0674.NASL", "FREEBSD_PKG_3E748551C73245F6BD88928DA16F23A8.NASL", "GENTOO_GLSA-202003-22.NASL", "ITUNES_12_10_2.NASL", "MACOS_HT210722.NASL", "OPENSUSE-2019-2587.NASL", "OPENSUSE-2019-2591.NASL", "ORACLELINUX_ELSA-2020-4035.NASL", "ORACLELINUX_ELSA-2020-4451.NASL", "REDHAT-RHSA-2020-4035.NASL", "REDHAT-RHSA-2020-4451.NASL", "SUSE_SU-2019-3044-1.NASL", "SUSE_SU-2020-1135-1.NASL", "UBUNTU_USN-4181-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704563", "OPENVAS:1361412562310815818", "OPENVAS:1361412562310815819", "OPENVAS:1361412562310815820", "OPENVAS:1361412562310815821", "OPENVAS:1361412562310815822", "OPENVAS:1361412562310815826", "OPENVAS:1361412562310815827", "OPENVAS:1361412562310815828", "OPENVAS:1361412562310844232", "OPENVAS:1361412562310852791", "OPENVAS:1361412562310877012"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-4035", "ELSA-2020-4451"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:155030", "PACKETSTORM:155112"]}, {"type": "redhat", "idList": ["RHSA-2020:4451"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-8743", "RH:CVE-2019-8764", "RH:CVE-2019-8765", "RH:CVE-2019-8766", "RH:CVE-2019-8808", "RH:CVE-2019-8811", "RH:CVE-2019-8812", "RH:CVE-2019-8816", "RH:CVE-2019-8820"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2587-1", "OPENSUSE-SU-2019:2591-1"]}, {"type": "symantec", "idList": ["SMNTC-103136"]}, {"type": "ubuntu", "idList": ["USN-4181-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-8764", "UB:CVE-2019-8765", "UB:CVE-2019-8766", "UB:CVE-2019-8808", "UB:CVE-2019-8811", "UB:CVE-2019-8812", "UB:CVE-2019-8816"]}, {"type": "zdi", "idList": ["ZDI-19-1009"]}, {"type": "zdt", "idList": ["1337DAY-ID-33433", "1337DAY-ID-33452"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "watchos", "version": 6}]}, "epss": [{"cve": "CVE-2017-7152", "epss": "0.004350000", "percentile": "0.706580000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8743", "epss": "0.003060000", "percentile": "0.651090000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8747", "epss": "0.000720000", "percentile": "0.294400000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8750", "epss": "0.002440000", "percentile": "0.606300000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8764", "epss": "0.002170000", "percentile": "0.579710000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8765", "epss": "0.431270000", "percentile": "0.967330000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8766", "epss": "0.003950000", "percentile": "0.692940000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8775", "epss": "0.000660000", "percentile": "0.268170000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8785", "epss": "0.001160000", "percentile": "0.437230000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8786", "epss": "0.001160000", "percentile": "0.437230000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8787", "epss": "0.002640000", "percentile": "0.622600000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8794", "epss": "0.000700000", "percentile": "0.284720000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8796", "epss": "0.000840000", "percentile": "0.337980000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8797", "epss": "0.001160000", "percentile": "0.437230000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8798", "epss": "0.000470000", "percentile": "0.141280000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8803", "epss": "0.000730000", "percentile": "0.297320000", "modified": "2023-03-20"}, {"cve": "CVE-2019-8808", "epss": "0.005330000", "percentile": "0.735560000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8811", "epss": "0.007350000", "percentile": "0.778760000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8812", "epss": "0.005330000", "percentile": "0.735560000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8816", "epss": "0.005900000", "percentile": "0.749290000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8820", "epss": "0.765720000", "percentile": "0.976280000", "modified": "2023-03-19"}, {"cve": "CVE-2019-8829", "epss": "0.000820000", "percentile": "0.334550000", "modified": "2023-03-20"}], "vulnersScore": 0.3}, "_state": {"dependencies": 1660004461, "score": 1698853730, "affected_software_major_version": 1666695388, "epss": 1679323282}, "_internal": {"score_hash": "ee655f84ea08e061e1aea24f3994e0d9"}, "affectedSoftware": [{"version": "6.1", "operator": "lt", "name": "watchos"}]}

{"apple": [{"lastseen": "2020-12-24T20:41:34", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## watchOS 6.1\n\nReleased October 29, 2019\n\n**Accounts**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n**AirDrop**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: AirDrop transfers may be unexpectedly accepted while in Everyone mode\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8796: Allison Husain of UC Berkeley\n\nEntry updated April 4, 2020\n\n**App Store**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A local attacker may be able to login to the account of a previously logged in user without valid credentials.\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8803: Kiyeon An, \ucc28\ubbfc\uaddc (CHA Minkyu)\n\n**AppleFirmwareUpdateKext**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8747: Mohamed Ghannam (@_simo36)\n\n**Audio**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8785: Ian Beer of Google Project Zero\n\nCVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure\n\n**Contacts**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously contact may lead to UI spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)\n\n**File System Events**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero Day Initiative\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8786: Wen Xu of Georgia Tech, Microsoft Offensive Security Research Intern\n\nEntry updated November 18, 2019\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8829: Jann Horn of Google Project Zero\n\nEntry added November 8, 2019\n\n**libxslt**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\n**VoiceOver**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A person with physical access to an iOS device may be able to access contacts from the lock screen\n\nDescription: The issue was addressed by restricting options offered on a locked device.\n\nCVE-2019-8775: videosdebarraquito\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8808: found by OSS-Fuzz\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nEntry updated November 18, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**boringssl**\n\nWe would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum for their assistance.\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Daniel Roethlisberger of Swisscom CSIRT, Jann Horn of Google Project Zero for their assistance.\n\nEntry updated November 8, 2019\n\n**Safari**\n\nWe would like to acknowledge Ron Summers, Ronald van der Meer for their assistance.\n\nEntry updated February 11, 2020\n\n**WebKit**\n\nWe would like to acknowledge Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-05T02:44:15", "title": "About the security content of watchOS 6.1 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8798", "CVE-2019-8750", "CVE-2019-8787", "CVE-2017-7152", "CVE-2019-8747", "CVE-2019-8743", "CVE-2019-8820", "CVE-2019-8797", "CVE-2019-8808", "CVE-2019-8785", "CVE-2019-8794", "CVE-2019-8816", "CVE-2019-8796", "CVE-2019-8764", "CVE-2019-8775", "CVE-2019-8766", "CVE-2019-8811", "CVE-2019-8786", "CVE-2019-8765", "CVE-2019-8803", "CVE-2019-8812", "CVE-2019-8829"], "modified": "2020-04-05T02:44:15", "id": "APPLE:HT210724", "href": "https://support.apple.com/kb/HT210724", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-11T19:29:57", "description": "# About the security content of tvOS 13.2\n\nThis document describes the security content of tvOS 13.2.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## tvOS 13.2\n\nReleased October 28, 2019\n\n**Accounts**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n**App Store**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local attacker may be able to login to the account of a previously logged in user without valid credentials.\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8803: Kiyeon An, \ucc28\ubbfc\uaddc (CHA Minkyu)\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8785: Ian Beer of Google Project Zero\n\nCVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure\n\n**AVEVideoEncoder**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8795: 08Tc3wBB working with SSD Secure Disclosure\n\n**File System Events**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero Day Initiative\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8786: Wen Xu of Georgia Tech, Microsoft Offensive Security Research Intern\n\nEntry updated November 18, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8829: Jann Horn of Google Project Zero\n\nEntry added November 8, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8813: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8782: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8808: found by OSS-Fuzz\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\nEntry updated November 18, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Visiting a maliciously crafted website may reveal the sites a user has visited\n\nDescription: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.\n\nCVE-2019-8827: Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team\n\nEntry added February 3, 2020\n\n**WebKit Process Model**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Daniel Roethlisberger of Swisscom CSIRT, Jann Horn of Google Project Zero for their assistance.\n\nEntry updated November 8, 2019\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: February 04, 2020\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-28T00:00:00", "type": "apple", "title": "About the security content of tvOS 13.2", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8785", "CVE-2019-8786", "CVE-2019-8787", "CVE-2019-8794", "CVE-2019-8795", "CVE-2019-8797", "CVE-2019-8798", "CVE-2019-8803", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8827", "CVE-2019-8829"], "modified": "2019-10-28T00:00:00", "id": "APPLE:23F4B15F98B9E907DBA0469D5F0BC654", "href": "https://support.apple.com/kb/HT210723", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:45", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## tvOS 13.2\n\nReleased October 28, 2019\n\n**Accounts**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n**App Store**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local attacker may be able to login to the account of a previously logged in user without valid credentials.\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8803: Kiyeon An, \ucc28\ubbfc\uaddc (CHA Minkyu)\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8785: Ian Beer of Google Project Zero\n\nCVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure\n\n**AVEVideoEncoder**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8795: 08Tc3wBB working with SSD Secure Disclosure\n\n**File System Events**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero Day Initiative\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8786: Wen Xu of Georgia Tech, Microsoft Offensive Security Research Intern\n\nEntry updated November 18, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8829: Jann Horn of Google Project Zero\n\nEntry added November 8, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8813: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8782: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8808: found by OSS-Fuzz\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\nEntry updated November 18, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Visiting a maliciously crafted website may reveal the sites a user has visited\n\nDescription: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.\n\nCVE-2019-8827: Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team\n\nEntry added February 3, 2020\n\n**WebKit Process Model**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Daniel Roethlisberger of Swisscom CSIRT, Jann Horn of Google Project Zero for their assistance.\n\nEntry updated November 8, 2019\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-04T05:24:20", "title": "About the security content of tvOS 13.2 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8798", "CVE-2019-8787", "CVE-2019-8815", "CVE-2019-8782", "CVE-2019-8822", "CVE-2019-8820", "CVE-2019-8797", "CVE-2019-8808", "CVE-2019-8795", "CVE-2019-8827", "CVE-2019-8785", "CVE-2019-8821", "CVE-2019-8794", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8823", "CVE-2019-8813", "CVE-2019-8811", "CVE-2019-8786", "CVE-2019-8783", "CVE-2019-8803", "CVE-2019-8812", "CVE-2019-8829", "CVE-2019-8814"], "modified": "2020-02-04T05:24:20", "id": "APPLE:HT210723", "href": "https://support.apple.com/kb/HT210723", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T04:13:48", "description": "# About the security content of iOS 13.2 and iPadOS 13.2\n\nThis document describes the security content of iOS 13.2 and iPadOS 13.2.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 13.2 and iPadOS 13.2\n\nReleased October 28, 2019\n\n**Accounts**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n**AirDrop**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: AirDrop transfers may be unexpectedly accepted while in Everyone mode\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8796: Allison Husain of UC Berkeley\n\nEntry added April 4, 2020\n\n**App Store**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A local attacker may be able to login to the account of a previously logged in user without valid credentials.\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8803: Kiyeon An, \ucc28\ubbfc\uaddc (CHA Minkyu)\n\n**Associated Domains**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Improper URL processing may lead to data exfiltration\n\nDescription: An issue existed in the parsing of URLs. This issue was addressed with improved input validation.\n\nCVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli Rikama of Zero Keyboard Ltd\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8785: Ian Beer of Google Project Zero\n\nCVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure\n\n**AVEVideoEncoder**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8795: 08Tc3wBB working with SSD Secure Disclosure\n\n**Books**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven\n\n**Contacts**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing a maliciously contact may lead to UI spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)\n\n**File System Events**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero Day Initiative\n\n**Graphics Driver**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8786: Wen Xu of Georgia Tech, Microsoft Offensive Security Research Intern\n\nEntry updated November 18, 2019\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8829: Jann Horn of Google Project Zero\n\nEntry added November 8, 2019\n\n**Setup Assistant**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup\n\nDescription: An inconsistency in Wi-Fi network configuration settings was addressed.\n\nCVE-2019-8804: Christy Philip Mathew of Zimperium, Inc\n\n**Screen Recording**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A local user may be able to record the screen without a visible screen recording indicator\n\nDescription: A consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management.\n\nCVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8813: an anonymous researcher\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8782: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8808: found by OSS-Fuzz\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\nEntry updated November 18, 2019\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Visiting a maliciously crafted website may reveal the sites a user has visited\n\nDescription: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.\n\nCVE-2019-8827: Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team\n\nEntry added February 6, 2020\n\n**WebKit Process Model**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An attacker in Wi-Fi range may be able to view a small amount of network traffic\n\nDescription: A logic issue existed in the handling of state transitions. This was addressed with improved state management.\n\nCVE-2019-15126: Milos Cermak at ESET\n\nEntry added February 3, 2020\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Daniel Roethlisberger of Swisscom CSIRT, Jann Horn of Google Project Zero for their assistance.\n\nEntry updated November 8, 2019\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: April 05, 2020\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-28T00:00:00", "type": "apple", "title": "About the security content of iOS 13.2 and iPadOS 13.2", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7152", "CVE-2019-15126", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8784", "CVE-2019-8785", "CVE-2019-8786", "CVE-2019-8787", "CVE-2019-8788", "CVE-2019-8789", "CVE-2019-8793", "CVE-2019-8794", "CVE-2019-8795", "CVE-2019-8796", "CVE-2019-8797", "CVE-2019-8798", "CVE-2019-8803", "CVE-2019-8804", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8827", "CVE-2019-8829"], "modified": "2019-10-28T00:00:00", "id": "APPLE:F7CA1A5840C15D3C9444B9C7F4FBA655", "href": "https://support.apple.com/kb/HT210721", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:27", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 13.2 and iPadOS 13.2\n\nReleased October 28, 2019\n\n**Accounts**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n**AirDrop**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: AirDrop transfers may be unexpectedly accepted while in Everyone mode\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8796: Allison Husain of UC Berkeley\n\nEntry added April 4, 2020\n\n**App Store**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A local attacker may be able to login to the account of a previously logged in user without valid credentials.\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8803: Kiyeon An, \ucc28\ubbfc\uaddc (CHA Minkyu)\n\n**Associated Domains**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Improper URL processing may lead to data exfiltration\n\nDescription: An issue existed in the parsing of URLs. This issue was addressed with improved input validation.\n\nCVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli Rikama of Zero Keyboard Ltd\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8785: Ian Beer of Google Project Zero\n\nCVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure\n\n**AVEVideoEncoder**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8795: 08Tc3wBB working with SSD Secure Disclosure\n\n**Books**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven\n\n**Contacts**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing a maliciously contact may lead to UI spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)\n\n**File System Events**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero Day Initiative\n\n**Graphics Driver**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8786: Wen Xu of Georgia Tech, Microsoft Offensive Security Research Intern\n\nEntry updated November 18, 2019\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8829: Jann Horn of Google Project Zero\n\nEntry added November 8, 2019\n\n**Setup Assistant**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup\n\nDescription: An inconsistency in Wi-Fi network configuration settings was addressed.\n\nCVE-2019-8804: Christy Philip Mathew of Zimperium, Inc\n\n**Screen Recording**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A local user may be able to record the screen without a visible screen recording indicator\n\nDescription: A consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management.\n\nCVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8813: an anonymous researcher\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8782: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8808: found by OSS-Fuzz\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\nEntry updated November 18, 2019\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Visiting a maliciously crafted website may reveal the sites a user has visited\n\nDescription: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.\n\nCVE-2019-8827: Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team\n\nEntry added February 6, 2020\n\n**WebKit Process Model**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An attacker in Wi-Fi range may be able to view a small amount of network traffic\n\nDescription: A logic issue existed in the handling of state transitions. This was addressed with improved state management.\n\nCVE-2019-15126: Milos Cermak at ESET\n\nEntry added February 3, 2020\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Daniel Roethlisberger of Swisscom CSIRT, Jann Horn of Google Project Zero for their assistance.\n\nEntry updated November 8, 2019\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-05T02:40:44", "title": "About the security content of iOS 13.2 and iPadOS 13.2 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8798", "CVE-2019-8787", "CVE-2017-7152", "CVE-2019-8788", "CVE-2019-8815", "CVE-2019-8789", "CVE-2019-8782", "CVE-2019-8822", "CVE-2019-8793", "CVE-2019-8820", "CVE-2019-8797", "CVE-2019-8808", "CVE-2019-8795", "CVE-2019-8827", "CVE-2019-8785", "CVE-2019-8821", "CVE-2019-8794", "CVE-2019-8816", "CVE-2019-8796", "CVE-2019-8819", "CVE-2019-15126", "CVE-2019-8823", "CVE-2019-8784", "CVE-2019-8813", "CVE-2019-8811", "CVE-2019-8786", "CVE-2019-8783", "CVE-2019-8803", "CVE-2019-8804", "CVE-2019-8812", "CVE-2019-8829", "CVE-2019-8814"], "modified": "2020-04-05T02:40:44", "id": "APPLE:HT210721", "href": "https://support.apple.com/kb/HT210721", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-10T11:41:59", "description": "# About the security content of Safari 13.0.3\n\nThis document describes the security content of Safari 13.0.3.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Safari 13.0.3\n\nReleased October 28, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8813: an anonymous researcher\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8782: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8808: found by OSS-Fuzz\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\nEntry updated November 18, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1\n\nImpact: Visiting a maliciously crafted website may reveal the sites a user has visited\n\nDescription: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.\n\nCVE-2019-8827: Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team\n\nEntry added February 3, 2020\n\n**WebKit Process Model**\n\nAvailable for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: February 04, 2020\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-28T00:00:00", "type": "apple", "title": "About the security content of Safari 13.0.3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8827"], "modified": "2019-10-28T00:00:00", "id": "APPLE:24F0CE6C0A090A12BFC0624F060D429D", "href": "https://support.apple.com/kb/HT210725", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:41:12", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Safari 13.0.3\n\nReleased October 28, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8813: an anonymous researcher\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8782: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8808: found by OSS-Fuzz\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\nEntry updated November 18, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1\n\nImpact: Visiting a maliciously crafted website may reveal the sites a user has visited\n\nDescription: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.\n\nCVE-2019-8827: Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team\n\nEntry added February 3, 2020\n\n**WebKit Process Model**\n\nAvailable for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6, and included in macOS Catalina 10.15.1\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-04T05:18:53", "title": "About the security content of Safari 13.0.3 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8815", "CVE-2019-8782", "CVE-2019-8822", "CVE-2019-8820", "CVE-2019-8808", "CVE-2019-8827", "CVE-2019-8821", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8823", "CVE-2019-8813", "CVE-2019-8811", "CVE-2019-8783", "CVE-2019-8812", "CVE-2019-8814"], "modified": "2020-02-04T05:18:53", "id": "APPLE:HT210725", "href": "https://support.apple.com/kb/HT210725", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T19:29:54", "description": "# About the security content of iCloud for Windows 10.8\n\nThis document describes the security content of iCloud for Windows 10.8.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iCloud for Windows 10.8\n\nReleased October 30, 2019\n\n**Graphics Driver**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC\n\n**libxslt**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8813: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8710: found by OSS-Fuzz\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8782: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\n**WebKit Process Model**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab, MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n\nEntry updated August 31, 2020\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab, MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n\nEntry added August 31, 2020, updated September 11, 2020\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: September 11, 2020\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-30T00:00:00", "type": "apple", "title": "About the security content of iCloud for Windows 10.8", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8710", "CVE-2019-8750", "CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8784", "CVE-2019-8811", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823"], "modified": "2019-10-30T00:00:00", "id": "APPLE:B079F933FC53AA9BD392638EBBEA2490", "href": "https://support.apple.com/kb/HT210727", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:42:31", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iCloud for Windows 10.8\n\nReleased October 30, 2019\n\n**Graphics Driver**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC\n\n**libxslt**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8813: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8710: found by OSS-Fuzz\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8782: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\n**WebKit Process Model**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab, MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n\nEntry updated August 31, 2020\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab, MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n\nEntry added August 31, 2020, updated September 11, 2020\n", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-09-11T05:39:42", "title": "About the security content of iCloud for Windows 10.8 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8750", "CVE-2019-8815", "CVE-2019-8782", "CVE-2019-8822", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8823", "CVE-2019-8766", "CVE-2019-8784", "CVE-2019-8813", "CVE-2019-8811", "CVE-2019-8783", "CVE-2019-8710", "CVE-2019-8814"], "modified": "2020-09-11T05:39:42", "id": "APPLE:HT210727", "href": "https://support.apple.com/kb/HT210727", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T04:13:45", "description": "# About the security content of iTunes 12.10.2 for Windows\n\nThis document describes the security content of iTunes 12.10.2 for Windows.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iTunes 12.10.2 for Windows\n\nReleased October 30, 2019\n\n**Graphics Driver**\n\nAvailable for: Windows 7 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC\n\n**iTunes**\n\nAvailable for: Windows 7 and later\n\nImpact: Running the iTunes installer in an untrusted directory may result in arbitrary code execution\n\nDescription: A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching.\n\nCVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8813: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8782: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8808: found by OSS-Fuzz\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\nEntry updated November 18, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Visiting a maliciously crafted website may reveal the sites a user has visited\n\nDescription: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.\n\nCVE-2019-8827: Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team\n\nEntry added February 3, 2020\n\n**WebKit Process Model**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: February 04, 2020\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-30T00:00:00", "type": "apple", "title": "About the security content of iTunes 12.10.2 for Windows", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8784", "CVE-2019-8801", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8827"], "modified": "2019-10-30T00:00:00", "id": "APPLE:CC90AF91854DC3DAAF69A4D6FA63346F", "href": "https://support.apple.com/kb/HT210726", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:42:28", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 12.4.3\n\nReleased October 28, 2019\n\n**Accounts**\n\nAvailable for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation\n\nImpact: AirDrop transfers may be unexpectedly accepted while in Everyone mode\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8796: Allison Husain of UC Berkeley\n", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2020-04-09T09:05:34", "title": "About the security content of iOS 12.4.3 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8796"], "modified": "2020-04-09T09:05:34", "id": "APPLE:HT211134", "href": "https://support.apple.com/kb/HT211134", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-14T04:14:03", "description": "# About the security content of iOS 12.4.3\n\nThis document describes the security content of iOS 12.4.3.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 12.4.3\n\nReleased October 28, 2019\n\n**Accounts**\n\nAvailable for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation\n\nImpact: AirDrop transfers may be unexpectedly accepted while in Everyone mode\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8796: Allison Husain of UC Berkeley\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: April 09, 2020\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-10-28T00:00:00", "type": "apple", "title": "About the security content of iOS 12.4.3", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8796"], "modified": "2019-10-28T00:00:00", "id": "APPLE:F0257CCC537810B8AB9FA8DCAF0EE8F6", "href": "https://support.apple.com/kb/HT211134", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-24T20:44:27", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 13.1 and iPadOS 13.1\n\nReleased September 24, 2019\n\niOS 13.1 and iPadOS 13.1 include the security content of [iOS 13](<https://support.apple.com/kb/HT210606>).\n\n**AppleFirmwareUpdateKext**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8747: Mohamed Ghannam (@_simo36)\n\nEntry added October 29, 2019\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab\n\nEntry added October 29, 2019\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8850: Anonymous working with Trend Micro Zero Day Initiative\n\nEntry added December 18, 2019\n\n**Books**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service\n\nDescription: A resource exhaustion issue was addressed with improved input validation.\n\nCVE-2019-8774: Gertjan Franken imec-DistriNet of KU Leuven\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8740: Mohamed Ghannam (@_simo36)\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A local app may be able to read a persistent account identifier\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8809: Apple\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8780: Siguza\n\nEntry added October 8, 2019\n\n**libxslt**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**mDNSResponder**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An attacker in physical proximity may be able to passively observe device names in AWDL communications\n\nDescription: This issue was resolved by replacing device names with a random identifier.\n\nCVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added October 29, 2019\n\n**Shortcuts**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An attacker in a privileged network position may be able to intercept SSH traffic from the \u201cRun script over SSH\u201d action\n\nDescription: This issue was addressed by verifying host keys when connecting to a previously-known SSH server.\n\nCVE-2019-8901: an anonymous researcher\n\nEntry added February 11, 2020\n\n**UIFoundation**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8831: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added November 18, 2019\n\n**VoiceOver**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A person with physical access to an iOS device may be able to access contacts from the lock screen\n\nDescription: The issue was addressed by restricting options offered on a locked device.\n\nCVE-2019-8775: videosdebarraquito\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Visiting a maliciously crafted website may reveal browsing history\n\nDescription: An issue existed in the drawing of web page elements. The issue was addressed with improved logic.\n\nCVE-2019-8769: Pi\u00e9rre Reimertz (@reimertz)\n\nEntry added October 8, 2019\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8710: found by OSS-Fuzz\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry added October 8, 2019, updated October 29, 2019\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2020-9932: Dongzhuo Zhao working with ADLab of Venustech\n\nEntry added July 28, 2020\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**boringssl**\n\nWe would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum for their assistance.\n\nEntry added October 29, 2019\n\n**Find My iPhone**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Identity Service**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n\nEntry added October 29, 2019\n\n**Kernel**\n\nWe would like to acknowledge Vlad Tsyrklevich for their assistance.\n\nEntry added July 28, 2020\n\n**Notes**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Photos**\n\nWe would like to acknowledge Peter Scott of Sydney, Australia for their assistance.\n\nEntry added December 18, 2019\n\n**Share Sheet**\n\nWe would like to acknowledge Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt for their assistance.\n\nEntry added October 29, 2019\n\n**Status Bar**\n\nWe would like to acknowledge Isaiah Kahler, Mohammed Adham, an anonymous researcher for their assistance.\n\nEntry added October 29, 2019\n\n**Telephony**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n", "edition": 4, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-28T05:30:25", "title": "About the security content of iOS 13.1 and iPadOS 13.1 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8750", "CVE-2019-8747", "CVE-2019-8831", "CVE-2019-8752", "CVE-2019-8769", "CVE-2019-8774", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8706", "CVE-2019-8773", "CVE-2019-8775", "CVE-2019-8780", "CVE-2019-8901", "CVE-2019-8762", "CVE-2019-8766", "CVE-2019-8809", "CVE-2019-8799", "CVE-2019-8765", "CVE-2019-8740", "CVE-2019-8850", "CVE-2019-8710", "CVE-2020-9932", "CVE-2019-8751"], "modified": "2020-07-28T05:30:25", "id": "APPLE:HT210603", "href": "https://support.apple.com/kb/HT210603", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:41:17", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iTunes 12.10.2 for Windows\n\nReleased October 30, 2019\n\n**Graphics Driver**\n\nAvailable for: Windows 7 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC\n\n**iTunes**\n\nAvailable for: Windows 7 and later\n\nImpact: Running the iTunes installer in an untrusted directory may result in arbitrary code execution\n\nDescription: A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching.\n\nCVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8813: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8782: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8808: found by OSS-Fuzz\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8812: JunDong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\nEntry updated November 18, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Visiting a maliciously crafted website may reveal the sites a user has visited\n\nDescription: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.\n\nCVE-2019-8827: Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team\n\nEntry added February 3, 2020\n\n**WebKit Process Model**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-04T05:27:46", "title": "About the security content of iTunes 12.10.2 for Windows - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8815", "CVE-2019-8782", "CVE-2019-8822", "CVE-2019-8820", "CVE-2019-8808", "CVE-2019-8827", "CVE-2019-8821", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8823", "CVE-2019-8801", "CVE-2019-8784", "CVE-2019-8813", "CVE-2019-8811", "CVE-2019-8783", "CVE-2019-8812", "CVE-2019-8814"], "modified": "2020-02-04T05:27:46", "id": "APPLE:HT210726", "href": "https://support.apple.com/kb/HT210726", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T04:13:54", "description": "# About the security content of iOS 13.1 and iPadOS 13.1\n\nThis document describes the security content of iOS 13.1 and iPadOS 13.1.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 13.1 and iPadOS 13.1\n\nReleased September 24, 2019\n\niOS 13.1 and iPadOS 13.1 include the security content of [iOS 13](<https://support.apple.com/kb/HT210606>).\n\n**AppleFirmwareUpdateKext**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8747: Mohamed Ghannam (@_simo36)\n\nEntry added October 29, 2019\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab\n\nEntry added October 29, 2019\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8850: Anonymous working with Trend Micro Zero Day Initiative\n\nEntry added December 18, 2019\n\n**Books**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service\n\nDescription: A resource exhaustion issue was addressed with improved input validation.\n\nCVE-2019-8774: Gertjan Franken imec-DistriNet of KU Leuven\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8740: Mohamed Ghannam (@_simo36)\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A local app may be able to read a persistent account identifier\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8809: Apple\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8780: Siguza\n\nEntry added October 8, 2019\n\n**libxslt**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**mDNSResponder**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An attacker in physical proximity may be able to passively observe device names in AWDL communications\n\nDescription: This issue was resolved by replacing device names with a random identifier.\n\nCVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added October 29, 2019\n\n**Shortcuts**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An attacker in a privileged network position may be able to intercept SSH traffic from the \u201cRun script over SSH\u201d action\n\nDescription: This issue was addressed by verifying host keys when connecting to a previously-known SSH server.\n\nCVE-2019-8901: an anonymous researcher\n\nEntry added February 11, 2020\n\n**UIFoundation**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8831: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added November 18, 2019\n\n**VoiceOver**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: A person with physical access to an iOS device may be able to access contacts from the lock screen\n\nDescription: The issue was addressed by restricting options offered on a locked device.\n\nCVE-2019-8775: videosdebarraquito\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Visiting a maliciously crafted website may reveal browsing history\n\nDescription: An issue existed in the drawing of web page elements. The issue was addressed with improved logic.\n\nCVE-2019-8769: Pi\u00e9rre Reimertz (@reimertz)\n\nEntry added October 8, 2019\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8710: found by OSS-Fuzz\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry added October 8, 2019, updated October 29, 2019\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2020-9932: Dongzhuo Zhao working with ADLab of Venustech\n\nEntry added July 28, 2020\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**boringssl**\n\nWe would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum for their assistance.\n\nEntry added October 29, 2019\n\n**Find My iPhone**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Identity Service**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n\nEntry added October 29, 2019\n\n**Kernel**\n\nWe would like to acknowledge Vlad Tsyrklevich for their assistance.\n\nEntry added July 28, 2020\n\n**Notes**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Photos**\n\nWe would like to acknowledge Peter Scott of Sydney, Australia for their assistance.\n\nEntry added December 18, 2019\n\n**Share Sheet**\n\nWe would like to acknowledge Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt for their assistance.\n\nEntry added October 29, 2019\n\n**Status Bar**\n\nWe would like to acknowledge Isaiah Kahler, Mohammed Adham, an anonymous researcher for their assistance.\n\nEntry added October 29, 2019\n\n**Telephony**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 28, 2020\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-09-24T00:00:00", "type": "apple", "title": "About the security content of iOS 13.1 and iPadOS 13.1", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8706", "CVE-2019-8710", "CVE-2019-8740", "CVE-2019-8743", "CVE-2019-8747", "CVE-2019-8750", "CVE-2019-8751", "CVE-2019-8752", "CVE-2019-8762", "CVE-2019-8763", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8773", "CVE-2019-8774", "CVE-2019-8775", "CVE-2019-8780", "CVE-2019-8799", "CVE-2019-8809", "CVE-2019-8831", "CVE-2019-8850", "CVE-2019-8901", "CVE-2020-9932"], "modified": "2019-09-24T00:00:00", "id": "APPLE:07C404431E4E9AA795FF43515E579852", "href": "https://support.apple.com/kb/HT210603", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T04:13:54", "description": "# About the security content of Safari 13.0.1\n\nThis document describes the security content of Safari 13.0.1.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Safari 13.0.1\n\nReleased September 24, 2019\n\n**Safari**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Visiting a malicious website may lead to user interface spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2019-8654: Juno Im (@junorouse) of Theori\n\n**Service Workers**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Service workers may leak private browsing history\n\nDescription: The issue was addressed with improved handling of service worker lifetime.\n\nCVE-2019-8725: Michael Thwaite of Connect Medi\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Maliciously crafted web content may violate iframe sandboxing policy\n\nDescription: This issue was addressed with improved iframe sandbox enforcement.\n\nCVE-2019-8771: Eliya Stein of Confiant\n\nEntry added October 8, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8710: found by OSS-Fuzz\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry added October 8, 2019, updated October 29, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\nEntry added October 29, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2020-9932: Dongzhuo Zhao working with ADLab of Venustech\n\nEntry added July 28, 2020\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Safari**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit), Zhiyang Zeng (@Wester) of OPPO ZIWU Cyber Security Lab for their assistance.\n\nEntry updated July 28, 2020\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 28, 2020\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-09-24T00:00:00", "type": "apple", "title": "About the security content of Safari 13.0.1", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8654", "CVE-2019-8710", "CVE-2019-8725", "CVE-2019-8743", "CVE-2019-8751", "CVE-2019-8752", "CVE-2019-8762", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8771", "CVE-2019-8773", "CVE-2020-9932"], "modified": "2019-09-24T00:00:00", "id": "APPLE:B52E92BE35619FA480B979F2662F87F8", "href": "https://support.apple.com/kb/HT210605", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:41:43", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Safari 13.0.1\n\nReleased September 24, 2019\n\n**Safari**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Visiting a malicious website may lead to user interface spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2019-8654: Juno Im (@junorouse) of Theori\n\n**Service Workers**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Service workers may leak private browsing history\n\nDescription: The issue was addressed with improved handling of service worker lifetime.\n\nCVE-2019-8725: Michael Thwaite of Connect Medi\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Maliciously crafted web content may violate iframe sandboxing policy\n\nDescription: This issue was addressed with improved iframe sandbox enforcement.\n\nCVE-2019-8771: Eliya Stein of Confiant\n\nEntry added October 8, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8710: found by OSS-Fuzz\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry added October 8, 2019, updated October 29, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\nEntry added October 29, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2020-9932: Dongzhuo Zhao working with ADLab of Venustech\n\nEntry added July 28, 2020\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Safari**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit), Zhiyang Zeng (@Wester) of OPPO ZIWU Cyber Security Lab for their assistance.\n\nEntry updated July 28, 2020\n", "edition": 4, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-28T05:32:13", "title": "About the security content of Safari 13.0.1 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8752", "CVE-2019-8743", "CVE-2019-8771", "CVE-2019-8763", "CVE-2019-8773", "CVE-2019-8764", "CVE-2019-8762", "CVE-2019-8766", "CVE-2019-8654", "CVE-2019-8765", "CVE-2019-8725", "CVE-2019-8710", "CVE-2020-9932", "CVE-2019-8751"], "modified": "2020-07-28T05:32:13", "id": "APPLE:HT210605", "href": "https://support.apple.com/kb/HT210605", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:43:04", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Catalina 10.15.1, Security Update 2019-001, Security Update 2019-006\n\nReleased October 29, 2019\n\n**Accounts**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry updated February 11, 2020\n\n**Accounts**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: AirDrop transfers may be unexpectedly accepted while in Everyone mode\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8796: Allison Husain of UC Berkeley\n\nEntry added April 4, 2020\n\n**AirDrop**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: AirDrop transfers may be unexpectedly accepted while in Everyone mode\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8796: Allison Husain of UC Berkeley\n\nEntry added April 4, 2020\n\n**AMD**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8748: Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team\n\nEntry added February 11, 2020\n\n**apache_mod_php**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Multiple issues in PHP\n\nDescription: Multiple issues were addressed by updating to PHP version 7.3.8.\n\nCVE-2019-11041\n\nCVE-2019-11042\n\nEntry added February 11, 2020\n\n**APFS**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8824: Mac working with Trend Micro's Zero Day Initiative\n\nEntry added February 11, 2020\n\n**App Store**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: A local attacker may be able to login to the account of a previously logged in user without valid credentials.\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8803: Kiyeon An, \ucc28\ubbfc\uaddc (CHA Minkyu)\n\n**AppleGraphicsControl**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8817: Arash Tohidi\n\n**AppleGraphicsControl**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group, Zhuo Liang of Qihoo 360 Vulcan Team\n\n**Associated Domains**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: Improper URL processing may lead to data exfiltration\n\nDescription: An issue existed in the parsing of URLs. This issue was addressed with improved input validation.\n\nCVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli Rikama of Zero Keyboard Ltd\n\n**Audio**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab\n\n**Audio**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8785: Ian Beer of Google Project Zero\n\nCVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure\n\nEntry updated February 11, 2020\n\n**Audio**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8850: Anonymous working with Trend Micro Zero Day Initiative\n\nEntry updated December 18, 2019\n\n**Books**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven\n\n**Contacts**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: Processing a maliciously contact may lead to UI spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)\n\n**CoreAudio**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Playing a malicious audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added November 6, 2019\n\n**CoreAudio**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing a maliciously crafted movie may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added February 11, 2020\n\n**CoreMedia**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8825: Found by GWP-ASan in Google Chrome\n\nEntry added February 11, 2020\n\n**CUPS**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: An attacker in a privileged network position may be able to leak sensitive user information\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)\n\n**CUPS**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: Processing a maliciously crafted string may lead to heap corruption\n\nDescription: A memory consumption issue was addressed with improved memory handling.\n\nCVE-2019-8767: Stephen Zeisberg\n\n**CUPS**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: An attacker in a privileged position may be able to perform a denial of service attack\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)\n\n**File Quarantine**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: This issue was addressed by removing the vulnerable code.\n\nCVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs\n\n**File System Events**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero Day Initiative\n\n**Foundation**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8746: Natalie Silvanovich and Samuel Gro\u00df of Google Project Zero\n\nEntry added February 11, 2020\n\n**Graphics**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: Processing a malicious shader may result in unexpected application termination or arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-12152: Piotr Bania of Cisco Talos\n\nCVE-2018-12153: Piotr Bania of Cisco Talos\n\nCVE-2018-12154: Piotr Bania of Cisco Talos\n\n**Graphics Driver**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8807: Yu Wang of Didi Research America\n\n**IOGraphics**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8759: another of 360 Nirvan Team\n\n**iTunes**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: Running the iTunes installer in an untrusted directory may result in arbitrary code execution\n\nDescription: A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching.\n\nCVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT\n\n**Kernel**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8709: derrek (@derrekr6) derrek (@derrekr6)\n\nEntry added February 11, 2020\n\n**Kernel**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure\n\n**Kernel**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8717: Jann Horn of Google Project Zero\n\nCVE-2019-8786: Wen Xu of Georgia Tech, Microsoft Offensive Security Research Intern\n\nEntry updated November 18, 2019, updated February 11, 2020\n\n**Kernel**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management.\n\nCVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team\n\n**Kernel**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8829: Jann Horn of Google Project Zero\n\nEntry added November 6, 2019\n\n**libxml2**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: Multiple issues in libxml2\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8749: found by OSS-Fuzz\n\nCVE-2019-8756: found by OSS-Fuzz\n\n**libxslt**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\n**manpages**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8802: Csaba Fitzl (@theevilbit)\n\n**PDFKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: An attacker may be able to exfiltrate the contents of an encrypted PDF\n\nDescription: An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt.\n\nCVE-2019-8772: Jens M\u00fcller of Ruhr University Bochum, Fabian Ising of FH M\u00fcnster University of Applied Sciences, Vladislav Mladenov of Ruhr University Bochum, Christian Mainka of Ruhr University Bochum, Sebastian Schinzel of FH M\u00fcnster University of Applied Sciences, and J\u00f6rg Schwenk of Ruhr University Bochum\n\nEntry added February 11, 2020\n\n**PluginKit**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: A local user may be able to check for the existence of arbitrary files\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2019-8708: an anonymous researcher\n\n**PluginKit**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8715: an anonymous researcher\n\n**Screen Sharing Server**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: A user who shares their screen may not be able to end screen sharing\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8858: Saul van der Bijl of Saul\u2019s Place Counseling B.V.\n\nEntry added December 18, 2019\n\n**System Extensions**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.\n\nCVE-2019-8805: Scott Knight (@sdotknight) of VMware Carbon Black TAU\n\n**UIFoundation**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: A malicious HTML document may be able to render iframes with sensitive user information\n\nDescription: A cross-origin issue existed with \"iframe\" elements. This was addressed with improved tracking of security origins.\n\nCVE-2019-8754: Renee Trisberg of SpectX\n\nEntry added February 24, 2020\n\n**UIFoundation**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing a maliciously crafted text file may lead to arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added February 11, 2020\n\n**UIFoundation**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8831: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added February 11, 2020\n\n**UIFoundation**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Parsing a maliciously crafted text file may lead to disclosure of user information\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8761: Paulos Yibelo of Limehats, Renee Trisberg of SpectX\n\nEntry updated August 10, 2020\n\n**Wi-Fi**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An attacker in Wi-Fi range may be able to view a small amount of network traffic\n\nDescription: A logic issue existed in the handling of state transitions. This was addressed with improved state management.\n\nCVE-2019-15126: Milos Cermak at ESET\n\nEntry added February 11, 2020\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**Find My**\n\nWe would like to acknowledge Amr Elseehy for their assistance.\n\nEntry added July 28, 2020\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero, Daniel Roethlisberger of Swisscom CSIRT, Jann Horn of Google Project Zero for their assistance.\n\nEntry updated November 6, 2019\n\n**libresolv**\n\nWe would like to acknowledge enh at Google for their assistance.\n\n**Local Authentication**\n\nWe would like to acknowledge Ryan Lopopolo for their assistance.\n\nEntry added February 11, 2020\n\n**mDNSResponder**\n\nWe would like to acknowledge Gregor Lang of e.solutions GmbH for their assistance.\n\nEntry added February 11, 2020\n\n**Postfix**\n\nWe would like to acknowledge Chris Barker of Puppet for their assistance.\n\n**python**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**VPN**\n\nWe would like to acknowledge Royce Gawron of Second Son Consulting, Inc. for their assistance.\n", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-10T07:58:24", "title": "About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8798", "CVE-2019-8772", "CVE-2019-8750", "CVE-2019-8767", "CVE-2019-8744", "CVE-2019-8749", "CVE-2019-8817", "CVE-2019-8787", "CVE-2017-7152", "CVE-2019-8756", "CVE-2019-8788", "CVE-2019-8761", "CVE-2019-8789", "CVE-2019-8831", "CVE-2019-8715", "CVE-2019-8824", "CVE-2018-12154", "CVE-2019-8825", "CVE-2019-8745", "CVE-2019-8709", "CVE-2019-8592", "CVE-2019-8858", "CVE-2019-8708", "CVE-2019-8797", "CVE-2019-8785", "CVE-2019-8746", "CVE-2019-8794", "CVE-2019-8796", "CVE-2019-8706", "CVE-2019-15126", "CVE-2019-11041", "CVE-2019-11042", "CVE-2019-8737", "CVE-2019-8801", "CVE-2019-8807", "CVE-2018-12152", "CVE-2019-8748", "CVE-2019-8784", "CVE-2019-8759", "CVE-2019-8786", "CVE-2018-12153", "CVE-2019-8509", "CVE-2019-8805", "CVE-2019-8802", "CVE-2019-8850", "CVE-2019-8803", "CVE-2019-8736", "CVE-2019-8705", "CVE-2019-8829", "CVE-2019-8717", "CVE-2019-8716", "CVE-2019-8754"], "modified": "2020-08-10T07:58:24", "id": "APPLE:HT210722", "href": "https://support.apple.com/kb/HT210722", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T04:13:47", "description": "# About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006\n\nThis document describes the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Catalina 10.15.1, Security Update 2019-001, Security Update 2019-006\n\nReleased October 29, 2019\n\n**Accounts**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry updated February 11, 2020\n\n**Accounts**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: AirDrop transfers may be unexpectedly accepted while in Everyone mode\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8796: Allison Husain of UC Berkeley\n\nEntry added April 4, 2020\n\n**AirDrop**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: AirDrop transfers may be unexpectedly accepted while in Everyone mode\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8796: Allison Husain of UC Berkeley\n\nEntry added April 4, 2020\n\n**AMD**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8748: Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team\n\nEntry added February 11, 2020\n\n**apache_mod_php**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Multiple issues in PHP\n\nDescription: Multiple issues were addressed by updating to PHP version 7.3.8.\n\nCVE-2019-11041\n\nCVE-2019-11042\n\nEntry added February 11, 2020\n\n**APFS**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8824: Mac working with Trend Micro's Zero Day Initiative\n\nEntry added February 11, 2020\n\n**App Store**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: A local attacker may be able to login to the account of a previously logged in user without valid credentials.\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8803: Kiyeon An, \ucc28\ubbfc\uaddc (CHA Minkyu)\n\n**AppleGraphicsControl**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8817: Arash Tohidi\n\n**AppleGraphicsControl**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group, Zhuo Liang of Qihoo 360 Vulcan Team\n\n**Associated Domains**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: Improper URL processing may lead to data exfiltration\n\nDescription: An issue existed in the parsing of URLs. This issue was addressed with improved input validation.\n\nCVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli Rikama of Zero Keyboard Ltd\n\n**Audio**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab\n\n**Audio**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8785: Ian Beer of Google Project Zero\n\nCVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure\n\nEntry updated February 11, 2020\n\n**Audio**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8850: Anonymous working with Trend Micro Zero Day Initiative\n\nEntry updated December 18, 2019\n\n**Books**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven\n\n**Contacts**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: Processing a maliciously contact may lead to UI spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)\n\n**CoreAudio**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Playing a malicious audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added November 6, 2019\n\n**CoreAudio**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing a maliciously crafted movie may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added February 11, 2020\n\n**CoreMedia**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8825: Found by GWP-ASan in Google Chrome\n\nEntry added February 11, 2020\n\n**CUPS**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: An attacker in a privileged network position may be able to leak sensitive user information\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)\n\n**CUPS**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: Processing a maliciously crafted string may lead to heap corruption\n\nDescription: A memory consumption issue was addressed with improved memory handling.\n\nCVE-2019-8767: Stephen Zeisberg\n\n**CUPS**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: An attacker in a privileged position may be able to perform a denial of service attack\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)\n\n**File Quarantine**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: This issue was addressed by removing the vulnerable code.\n\nCVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs\n\n**File System Events**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero Day Initiative\n\n**Foundation**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8746: natashenka and Samuel Gro\u00df of Google Project Zero\n\nEntry added February 11, 2020\n\n**Graphics**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: Processing a malicious shader may result in unexpected application termination or arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-12152: Piotr Bania of Cisco Talos\n\nCVE-2018-12153: Piotr Bania of Cisco Talos\n\nCVE-2018-12154: Piotr Bania of Cisco Talos\n\n**Graphics Driver**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8807: Yu Wang of Didi Research America\n\n**IOGraphics**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8759: another of 360 Nirvan Team\n\n**iTunes**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: Running the iTunes installer in an untrusted directory may result in arbitrary code execution\n\nDescription: A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching.\n\nCVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT\n\n**Kernel**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8709: derrek (@derrekr6) derrek (@derrekr6)\n\nEntry added February 11, 2020\n\n**Kernel**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure\n\n**Kernel**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8717: Jann Horn of Google Project Zero\n\nCVE-2019-8786: Wen Xu of Georgia Tech, Microsoft Offensive Security Research Intern\n\nEntry updated November 18, 2019, updated February 11, 2020\n\n**Kernel**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management.\n\nCVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team\n\n**Kernel**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8829: Jann Horn of Google Project Zero\n\nEntry added November 6, 2019\n\n**libxml2**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: Multiple issues in libxml2\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8749: found by OSS-Fuzz\n\nCVE-2019-8756: found by OSS-Fuzz\n\n**libxslt**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\n**manpages**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Catalina 10.15\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8802: Csaba Fitzl (@theevilbit)\n\n**PDFKit**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: An attacker may be able to exfiltrate the contents of an encrypted PDF\n\nDescription: An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt.\n\nCVE-2019-8772: Jens M\u00fcller of Ruhr University Bochum, Fabian Ising of FH M\u00fcnster University of Applied Sciences, Vladislav Mladenov of Ruhr University Bochum, Christian Mainka of Ruhr University Bochum, Sebastian Schinzel of FH M\u00fcnster University of Applied Sciences, and J\u00f6rg Schwenk of Ruhr University Bochum\n\nEntry added February 11, 2020\n\n**PluginKit**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: A local user may be able to check for the existence of arbitrary files\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2019-8708: an anonymous researcher\n\n**PluginKit**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8715: an anonymous researcher\n\n**Screen Sharing Server**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: A user who shares their screen may not be able to end screen sharing\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8858: Saul van der Bijl of Saul\u2019s Place Counseling B.V.\n\nEntry added December 18, 2019\n\n**System Extensions**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.\n\nCVE-2019-8805: Scott Knight (@sdotknight) of VMware Carbon Black TAU\n\n**UIFoundation**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: A malicious HTML document may be able to render iframes with sensitive user information\n\nDescription: A cross-origin issue existed with \"iframe\" elements. This was addressed with improved tracking of security origins.\n\nCVE-2019-8754: Renee Trisberg of SpectX\n\nEntry added February 24, 2020\n\n**UIFoundation**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Processing a maliciously crafted text file may lead to arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added February 11, 2020\n\n**UIFoundation**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8831: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added February 11, 2020\n\n**UIFoundation**\n\nAvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6\n\nImpact: Parsing a maliciously crafted text file may lead to disclosure of user information\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8761: Renee Trisberg of SpectX\n\nEntry updated August 10, 2020, updated July 21, 2021 \n\n**Wi-Fi**\n\nAvailable for: macOS Catalina 10.15\n\nImpact: An attacker in Wi-Fi range may be able to view a small amount of network traffic\n\nDescription: A logic issue existed in the handling of state transitions. This was addressed with improved state management.\n\nCVE-2019-15126: Milos Cermak at ESET\n\nEntry added February 11, 2020\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**Find My**\n\nWe would like to acknowledge Amr Elseehy for their assistance.\n\nEntry added July 28, 2020\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero, Daniel Roethlisberger of Swisscom CSIRT, Jann Horn of Google Project Zero for their assistance.\n\nEntry updated November 6, 2019\n\n**libresolv**\n\nWe would like to acknowledge enh at Google for their assistance.\n\n**Local Authentication**\n\nWe would like to acknowledge Ryan Lopopolo for their assistance.\n\nEntry added February 11, 2020\n\n**mDNSResponder**\n\nWe would like to acknowledge Gregor Lang of e.solutions GmbH for their assistance.\n\nEntry added February 11, 2020\n\n**Postfix**\n\nWe would like to acknowledge Chris Barker of Puppet for their assistance.\n\n**python**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**VPN**\n\nWe would like to acknowledge Royce Gawron of Second Son Consulting, Inc. for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 21, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-29T00:00:00", "type": "apple", "title": "About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7152", "CVE-2018-12152", "CVE-2018-12153", "CVE-2018-12154", "CVE-2019-11041", "CVE-2019-11042", "CVE-2019-15126", "CVE-2019-8509", "CVE-2019-8592", "CVE-2019-8705", "CVE-2019-8706", "CVE-2019-8708", "CVE-2019-8709", "CVE-2019-8715", "CVE-2019-8716", "CVE-2019-8717", "CVE-2019-8736", "CVE-2019-8737", "CVE-2019-8744", "CVE-2019-8745", "CVE-2019-8746", "CVE-2019-8748", "CVE-2019-8749", "CVE-2019-8750", "CVE-2019-8754", "CVE-2019-8756", "CVE-2019-8759", "CVE-2019-8761", "CVE-2019-8767", "CVE-2019-8772", "CVE-2019-8784", "CVE-2019-8785", "CVE-2019-8786", "CVE-2019-8787", "CVE-2019-8788", "CVE-2019-8789", "CVE-2019-8794", "CVE-2019-8796", "CVE-2019-8797", "CVE-2019-8798", "CVE-2019-8801", "CVE-2019-8802", "CVE-2019-8803", "CVE-2019-8805", "CVE-2019-8807", "CVE-2019-8817", "CVE-2019-8824", "CVE-2019-8825", "CVE-2019-8829", "CVE-2019-8831", "CVE-2019-8850", "CVE-2019-8858"], "modified": "2019-10-29T00:00:00", "id": "APPLE:356155132BDE067E2049C0C5B87F5F09", "href": "https://support.apple.com/kb/HT210722", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:43:18", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iCloud for Windows 7.15\n\nReleased October 30, 2019\n\n**Graphics Driver**\n\nAvailable for: Windows 7 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Visiting a maliciously crafted website may reveal the sites a user has visited\n\nDescription: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.\n\nCVE-2019-8827: Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team\n\nEntry added February 3, 2020\n\n**WebKit Process Model**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-04T05:29:41", "title": "About the security content of iCloud for Windows 7.15 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8815", "CVE-2019-8822", "CVE-2019-8820", "CVE-2019-8827", "CVE-2019-8821", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8823", "CVE-2019-8784", "CVE-2019-8811", "CVE-2019-8783", "CVE-2019-8814"], "modified": "2020-02-04T05:29:41", "id": "APPLE:HT210728", "href": "https://support.apple.com/kb/HT210728", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T04:13:49", "description": "# About the security content of iCloud for Windows 7.15\n\nThis document describes the security content of iCloud for Windows 7.15\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iCloud for Windows 7.15\n\nReleased October 30, 2019\n\n**Graphics Driver**\n\nAvailable for: Windows 7 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team\n\nCVE-2019-8811: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8814: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8816: Soyeon Park of SSLab at Georgia Tech\n\nCVE-2019-8819: Cheolung Lee of LINE+ Security Team\n\nCVE-2019-8820: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8821: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8822: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8823: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Visiting a maliciously crafted website may reveal the sites a user has visited\n\nDescription: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.\n\nCVE-2019-8827: Artur Janc, Krzysztof Kotowicz, Lukas Weichselbaum, and Roberto Clapis of Google Security Team\n\nEntry added February 3, 2020\n\n**WebKit Process Model**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8815: Apple\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**CFNetwork**\n\nWe would like to acknowledge Lily Chen of Google for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: February 04, 2020\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-30T00:00:00", "type": "apple", "title": "About the security content of iCloud for Windows 7.15", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8783", "CVE-2019-8784", "CVE-2019-8811", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8827"], "modified": "2019-10-30T00:00:00", "id": "APPLE:A1A8D52172AE1DABB07F3860D96264D1", "href": "https://support.apple.com/kb/HT210728", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:42:07", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iTunes 12.10.1 for Windows\n\nReleased October 7, 2019\n\n**CoreCrypto**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a large input may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved input validation.\n\nCVE-2019-8741: Nicky Mouha of NIST\n\nEntry added October 29, 2019\n\n**CoreMedia**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8825: Found by GWP-ASan in Google Chrome\n\nEntry added October 29, 2019\n\n**Foundation**\n\nAvailable for: Windows 7 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8746: Natalie Silvanovich and Samuel Gro\u00df of Google Project Zero\n\nEntry added October 29, 2019\n\n**libxml2**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple issues in libxml2\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8749: found by OSS-Fuzz\n\nCVE-2019-8756: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**libxslt**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**UIFoundation**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted text file may lead to arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8625: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8719: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative\n\nCVE-2019-8710: found by OSS-Fuzz\n\nCVE-2019-8726: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation\n\nCVE-2019-8733: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8734: found by OSS-Fuzz\n\nCVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Software Update**\n\nWe would like to acknowledge Michael Gorelik (@smgoreli) of Morphisec (morphisec.com) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, Yi\u011fit Can YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab for their assistance.\n\nEntry updated October 29, 2019\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-11-22T06:58:28", "title": "About the security content of iTunes 12.10.1 for Windows - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8750", "CVE-2019-8749", "CVE-2019-8756", "CVE-2019-8752", "CVE-2019-8825", "CVE-2019-8745", "CVE-2019-8726", "CVE-2019-8743", "CVE-2019-8707", "CVE-2019-8746", "CVE-2019-8763", "CVE-2019-8734", "CVE-2019-8773", "CVE-2019-8735", "CVE-2019-8764", "CVE-2019-8741", "CVE-2019-8762", "CVE-2019-8766", "CVE-2019-8719", "CVE-2019-8733", "CVE-2019-8765", "CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8728", "CVE-2019-8751"], "modified": "2019-11-22T06:58:28", "id": "APPLE:HT210635", "href": "https://support.apple.com/kb/HT210635", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-02-27T03:29:04", "description": "# About the security content of iTunes 12.10.1 for Windows\n\nThis document describes the security content of iTunes 12.10.1 for Windows.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iTunes 12.10.1 for Windows\n\nReleased October 7, 2019\n\n**CoreCrypto**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a large input may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved input validation.\n\nCVE-2019-8741: Nicky Mouha of NIST\n\nEntry added October 29, 2019\n\n**CoreMedia**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8825: Found by GWP-ASan in Google Chrome\n\nEntry added October 29, 2019\n\n**Foundation**\n\nAvailable for: Windows 7 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8746: natashenka and Samuel Gro\u00df of Google Project Zero\n\nEntry added October 29, 2019\n\n**libxml2**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple issues in libxml2\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8749: found by OSS-Fuzz\n\nCVE-2019-8756: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**libxslt**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**UIFoundation**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted text file may lead to arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8625: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8719: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative\n\nCVE-2019-8710: found by OSS-Fuzz\n\nCVE-2019-8726: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation\n\nCVE-2019-8733: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8734: found by OSS-Fuzz\n\nCVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Software Update**\n\nWe would like to acknowledge Michael Gorelik (@smgoreli) of Morphisec (morphisec.com) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, Yi\u011fit Can YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab for their assistance.\n\nEntry updated October 29, 2019\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 05, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-07T00:00:00", "type": "apple", "title": "About the security content of iTunes 12.10.1 for Windows", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8625", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8726", "CVE-2019-8728", "CVE-2019-8733", "CVE-2019-8734", "CVE-2019-8735", "CVE-2019-8741", "CVE-2019-8743", "CVE-2019-8745", "CVE-2019-8746", "CVE-2019-8749", "CVE-2019-8750", "CVE-2019-8751", "CVE-2019-8752", "CVE-2019-8756", "CVE-2019-8762", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8773", "CVE-2019-8825"], "modified": "2019-10-07T00:00:00", "id": "APPLE:8C1FE42B64A09C7B23ECEB4773F3CF3C", "href": "https://support.apple.com/kb/HT210635", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-24T20:42:41", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## tvOS 13\n\nReleased September 24, 2019\n\n**AppleFirmwareUpdateKext**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8747: Mohamed Ghannam (@_simo36)\n\nEntry added October 29, 2019\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab\n\nEntry added October 29, 2019\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8850: Anonymous working with Trend Micro Zero Day Initiative\n\nEntry added December 4, 2019\n\n**CFNetwork**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to a cross site scripting attack\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8753: \u0141ukasz Pilorz of Standard Chartered GBS Poland\n\nEntry added October 29, 2019\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Playing a malicious audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added November 6, 2019\n\n**CoreCrypto**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a large input may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved input validation.\n\nCVE-2019-8741: Nicky Mouha of NIST\n\nEntry added October 29, 2019\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted movie may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added October 8, 2019\n\n**Foundation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8746: Natalie Silvanovich and Samuel Gro\u00df of Google Project Zero\n\nEntry added October 29, 2019\n\n**IOUSBDeviceFamily**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8718: Joshua Hill and Sem Voigtl\u00e4nder\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8740: Mohamed Ghannam (@_simo36)\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local app may be able to read a persistent account identifier\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8809: Apple\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8712: Mohamed Ghannam (@_simo36)\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management.\n\nCVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8709: derrek (@derrekr6) derrek (@derrekr6)\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8717: Jann Horn of Google Project Zero\n\nEntry added October 8, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8780: Siguza\n\nEntry added October 8, 2019\n\n**Keyboards**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to leak sensitive user information\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8704: \u738b \u90a6 \u5b87 (wAnyBug.Com) of SAINTSEC\n\n**libxml2**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Multiple issues in libxml2\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8749: found by OSS-Fuzz\n\nCVE-2019-8756: found by OSS-Fuzz\n\nEntry added October 8, 2019\n\n**libxslt**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**mDNSResponder**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker in physical proximity may be able to passively observe device names in AWDL communications\n\nDescription: This issue was resolved by replacing device names with a random identifier.\n\nCVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added October 29, 2019\n\n**UIFoundation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted text file may lead to arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added October 8, 2019\n\n**UIFoundation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8831: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added November 18, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8625: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8719: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\nEntry added October 8, 2019, updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative\n\nCVE-2019-8710: found by OSS-Fuzz\n\nCVE-2019-8726: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation\n\nCVE-2019-8733: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8734: found by OSS-Fuzz\n\nCVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry added October 8, 2019, updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2020-9932: Dongzhuo Zhao working with ADLab of Venustech\n\nEntry added July 28, 2020\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A device may be passively tracked by its Wi-Fi MAC address\n\nDescription: A user privacy issue was addressed by removing the broadcast MAC address.\n\nCVE-2019-8854: Ta-Lun Yen of UCCU Hacker and FuriousMacTeam of the United States Naval Academy and the Mitre Cooperation\n\nEntry added December 4, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Audio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added October 29, 2019\n\n**boringssl**\n\nWe would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum, Thijs Alkemade (@xnyhps) of Computest for their assistance.\n\nEntry added October 8, 2019, updated October 29, 2019\n\n**HomeKit**\n\nWe would like to acknowledge Tian Zhang for their assistance.\n\nEntry added October 29, 2019\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero, Vlad Tsyrklevich for their assistance.\n\nEntry updated July 28, 2020\n\n**Keyboard**\n\nWe would like to acknowledge Sara Haradhvala of Harlen Web Consulting, an anonymous researcher for their assistance.\n\nEntry updated July 28, 2020\n\n**mDNSResponder**\n\nWe would like to acknowledge Gregor Lang of e.solutions GmbH for their assistance.\n\nEntry added October 29, 2019\n\n**Profiles**\n\nWe would like to acknowledge Erik Johnson of Vernon Hills High School, James Seeley (@Code4iOS) of Shriver Job Corps, James Seeley (@Code4iOS) of Shriver Job Corps for their assistance.\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nWe would like to acknowledge MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, Yi\u011fit Can YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an anonymous researcher, cc working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added October 8, 2019, updated October 29, 2019\n", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-28T05:31:25", "title": "About the security content of tvOS 13 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8750", "CVE-2019-8744", "CVE-2019-8749", "CVE-2019-8747", "CVE-2019-8756", "CVE-2019-8831", "CVE-2019-8752", "CVE-2019-8718", "CVE-2019-8745", "CVE-2019-8726", "CVE-2019-8743", "CVE-2019-8707", "CVE-2019-8709", "CVE-2019-8592", "CVE-2019-8746", "CVE-2019-8763", "CVE-2019-8706", "CVE-2019-8734", "CVE-2019-8773", "CVE-2019-8735", "CVE-2019-8764", "CVE-2019-8741", "CVE-2019-8704", "CVE-2019-8780", "CVE-2019-8762", "CVE-2019-8766", "CVE-2019-8753", "CVE-2019-8809", "CVE-2019-8719", "CVE-2019-8733", "CVE-2019-8799", "CVE-2019-8765", "CVE-2019-8740", "CVE-2019-8625", "CVE-2019-8712", "CVE-2019-8850", "CVE-2019-8705", "CVE-2019-8710", "CVE-2019-8717", "CVE-2019-8854", "CVE-2019-8728", "CVE-2020-9932", "CVE-2019-8751"], "modified": "2020-07-28T05:31:25", "id": "APPLE:HT210604", "href": "https://support.apple.com/kb/HT210604", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-27T03:29:07", "description": "# About the security content of tvOS 13\n\nThis document describes the security content of tvOS 13.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## tvOS 13\n\nReleased September 24, 2019\n\n**AppleFirmwareUpdateKext**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8747: Mohamed Ghannam (@_simo36)\n\nEntry added October 29, 2019\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8706: Yu Zhou of Ant-Financial Light-Year Security Lab\n\nEntry added October 29, 2019\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8850: Anonymous working with Trend Micro Zero Day Initiative\n\nEntry added December 4, 2019\n\n**CFNetwork**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to a cross site scripting attack\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8753: \u0141ukasz Pilorz of Standard Chartered GBS Poland\n\nEntry added October 29, 2019\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Playing a malicious audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added November 6, 2019\n\n**CoreCrypto**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a large input may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved input validation.\n\nCVE-2019-8741: Nicky Mouha of NIST\n\nEntry added October 29, 2019\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted movie may result in the disclosure of process memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added October 8, 2019\n\n**Foundation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8746: natashenka and Samuel Gro\u00df of Google Project Zero\n\nEntry added October 29, 2019\n\n**IOUSBDeviceFamily**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8718: Joshua Hill and Sem Voigtl\u00e4nder\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: This issue was addressed with improved entitlements.\n\nCVE-2019-8703: an anonymous researcher\n\nEntry added March 16, 2021\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2019-8740: Mohamed Ghannam (@_simo36)\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local app may be able to read a persistent account identifier\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8809: Apple\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8712: Mohamed Ghannam (@_simo36)\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management.\n\nCVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8709: derrek (@derrekr6) derrek (@derrekr6)\n\nEntry added October 29, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8717: Jann Horn of Google Project Zero\n\nEntry added October 8, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8780: Siguza\n\nEntry added October 8, 2019\n\n**Keyboards**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to leak sensitive user information\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8704: \u738b \u90a6 \u5b87 (wAnyBug.Com) of SAINTSEC\n\n**libxml2**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Multiple issues in libxml2\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8749: found by OSS-Fuzz\n\nCVE-2019-8756: found by OSS-Fuzz\n\nEntry added October 8, 2019\n\n**libxslt**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Multiple issues in libxslt\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8750: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**mDNSResponder**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker in physical proximity may be able to passively observe device names in AWDL communications\n\nDescription: This issue was resolved by replacing device names with a random identifier.\n\nCVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added October 29, 2019\n\n**UIFoundation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted text file may lead to arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added October 8, 2019\n\n**UIFoundation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8831: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added November 18, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8625: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8719: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\nEntry added October 8, 2019, updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative\n\nCVE-2019-8710: found by OSS-Fuzz\n\nCVE-2019-8726: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation\n\nCVE-2019-8733: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8734: found by OSS-Fuzz\n\nCVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8766: found by OSS-Fuzz\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry added October 8, 2019, updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2020-9932: Dongzhuo Zhao working with ADLab of Venustech\n\nEntry added July 28, 2020\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A device may be passively tracked by its Wi-Fi MAC address\n\nDescription: A user privacy issue was addressed by removing the broadcast MAC address.\n\nCVE-2019-8854: Ta-Lun Yen of UCCU Hacker and FuriousMacTeam of the United States Naval Academy and the Mitre Cooperation\n\nEntry added December 4, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Audio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added October 29, 2019\n\n**boringssl**\n\nWe would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum, Thijs Alkemade (@xnyhps) of Computest for their assistance.\n\nEntry added October 8, 2019, updated October 29, 2019\n\n**HomeKit**\n\nWe would like to acknowledge Tian Zhang for their assistance.\n\nEntry added October 29, 2019\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero, Vlad Tsyrklevich for their assistance.\n\nEntry updated July 28, 2020\n\n**Keyboard**\n\nWe would like to acknowledge Sara Haradhvala of Harlen Web Consulting, an anonymous researcher for their assistance.\n\nEntry updated July 28, 2020\n\n**mDNSResponder**\n\nWe would like to acknowledge Gregor Lang of e.solutions GmbH for their assistance.\n\nEntry added October 29, 2019\n\n**Profiles**\n\nWe would like to acknowledge Erik Johnson of Vernon Hills High School, James Seeley (@Code4iOS) of Shriver Job Corps, James Seeley (@Code4iOS) of Shriver Job Corps for their assistance.\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nWe would like to acknowledge MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, Yi\u011fit Can YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an anonymous researcher, cc working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added October 8, 2019, updated October 29, 2019\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 19, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-24T00:00:00", "type": "apple", "title": "About the security content of tvOS 13", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8592", "CVE-2019-8625", "CVE-2019-8703", "CVE-2019-8704", "CVE-2019-8705", "CVE-2019-8706", "CVE-2019-8707", "CVE-2019-8709", "CVE-2019-8710", "CVE-2019-8712", "CVE-2019-8717", "CVE-2019-8718", "CVE-2019-8719", "CVE-2019-8726", "CVE-2019-8728", "CVE-2019-8733", "CVE-2019-8734", "CVE-2019-8735", "CVE-2019-8740", "CVE-2019-8741", "CVE-2019-8743", "CVE-2019-8744", "CVE-2019-8745", "CVE-2019-8746", "CVE-2019-8747", "CVE-2019-8749", "CVE-2019-8750", "CVE-2019-8751", "CVE-2019-8752", "CVE-2019-8753", "CVE-2019-8756", "CVE-2019-8762", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8773", "CVE-2019-8780", "CVE-2019-8799", "CVE-2019-8809", "CVE-2019-8831", "CVE-2019-8850", "CVE-2019-8854", "CVE-2020-9932"], "modified": "2019-09-24T00:00:00", "id": "APPLE:4F5D2C20724C56D494032826B570F894", "href": "https://support.apple.com/kb/HT210604", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:23", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iCloud for Windows 7.14\n\nReleased October 7, 2019\n\n**CoreCrypto**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a large input may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved input validation.\n\nCVE-2019-8741: Nicky Mouha of NIST\n\nEntry added October 29, 2019\n\n**CoreMedia**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8825: Found by GWP-ASan in Google Chrome\n\nEntry added October 29, 2019\n\n**Foundation**\n\nAvailable for: Windows 7 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8746: Natalie Silvanovich and Samuel Gro\u00df of Google Project Zero\n\nEntry added October 29, 2019\n\n**libxml2**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple issues in libxml2\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8749: found by OSS-Fuzz\n\nCVE-2019-8756: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**UIFoundation**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted text file may lead to arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8625: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8719: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative\n\nCVE-2019-8726: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation\n\nCVE-2019-8733: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8734: found by OSS-Fuzz\n\nCVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Software Update**\n\nWe would like to acknowledge Michael Gorelik (@smgoreli) of Morphisec (morphisec.com) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) and Zhihua Yao of DBAPPSecurity Zion Lab for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-11-22T06:59:51", "title": "About the security content of iCloud for Windows 7.14 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8749", "CVE-2019-8756", "CVE-2019-8752", "CVE-2019-8825", "CVE-2019-8745", "CVE-2019-8726", "CVE-2019-8743", "CVE-2019-8707", "CVE-2019-8746", "CVE-2019-8763", "CVE-2019-8734", "CVE-2019-8773", "CVE-2019-8735", "CVE-2019-8764", "CVE-2019-8741", "CVE-2019-8762", "CVE-2019-8719", "CVE-2019-8733", "CVE-2019-8765", "CVE-2019-8625", "CVE-2019-8728", "CVE-2019-8751"], "modified": "2019-11-22T06:59:51", "id": "APPLE:HT210637", "href": "https://support.apple.com/kb/HT210637", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-24T20:41:13", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iCloud for Windows 10.7\n\nReleased October 7, 2019\n\n**CoreCrypto**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing a large input may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved input validation.\n\nCVE-2019-8741: Nicky Mouha of NIST\n\nEntry added October 29, 2019\n\n**CoreMedia**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8825: Found by GWP-ASan in Google Chrome\n\nEntry added October 29, 2019\n\n**Foundation**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8746: Natalie Silvanovich and Samuel Gro\u00df of Google Project Zero\n\nEntry added October 29, 2019\n\n**libxml2**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Multiple issues in libxml2\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8749: found by OSS-Fuzz\n\nCVE-2019-8756: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**UIFoundation**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing a maliciously crafted text file may lead to arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8625: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8719: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative\n\nCVE-2019-8726: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation\n\nCVE-2019-8733: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8734: found by OSS-Fuzz\n\nCVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Software Update**\n\nWe would like to acknowledge Michael Gorelik (@smgoreli) of Morphisec (morphisec.com) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) and Zhihua Yao of DBAPPSecurity Zion Lab for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-11-18T08:29:17", "title": "About the security content of iCloud for Windows 10.7 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8749", "CVE-2019-8756", "CVE-2019-8752", "CVE-2019-8825", "CVE-2019-8745", "CVE-2019-8726", "CVE-2019-8743", "CVE-2019-8707", "CVE-2019-8746", "CVE-2019-8763", "CVE-2019-8734", "CVE-2019-8773", "CVE-2019-8735", "CVE-2019-8764", "CVE-2019-8741", "CVE-2019-8762", "CVE-2019-8719", "CVE-2019-8733", "CVE-2019-8765", "CVE-2019-8625", "CVE-2019-8728", "CVE-2019-8751"], "modified": "2019-11-18T08:29:17", "id": "APPLE:HT210636", "href": "https://support.apple.com/kb/HT210636", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-02-19T19:30:13", "description": "# About the security content of iCloud for Windows 10.7\n\nThis document describes the security content of iCloud for Windows 10.7.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iCloud for Windows 10.7\n\nReleased October 7, 2019\n\n**CoreCrypto**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing a large input may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved input validation.\n\nCVE-2019-8741: Nicky Mouha of NIST\n\nEntry added October 29, 2019\n\n**CoreMedia**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8825: Found by GWP-ASan in Google Chrome\n\nEntry added October 29, 2019\n\n**Foundation**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8746: natashenka and Samuel Gro\u00df of Google Project Zero\n\nEntry added October 29, 2019\n\n**libxml2**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Multiple issues in libxml2\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8749: found by OSS-Fuzz\n\nCVE-2019-8756: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**UIFoundation**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing a maliciously crafted text file may lead to arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8625: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8719: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative\n\nCVE-2019-8726: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation\n\nCVE-2019-8733: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8734: found by OSS-Fuzz\n\nCVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Software Update**\n\nWe would like to acknowledge Michael Gorelik (@smgoreli) of Morphisec (morphisec.com) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) and Zhihua Yao of DBAPPSecurity Zion Lab for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 08, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-07T00:00:00", "type": "apple", "title": "About the security content of iCloud for Windows 10.7", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8625", "CVE-2019-8707", "CVE-2019-8719", "CVE-2019-8726", "CVE-2019-8728", "CVE-2019-8733", "CVE-2019-8734", "CVE-2019-8735", "CVE-2019-8741", "CVE-2019-8743", "CVE-2019-8745", "CVE-2019-8746", "CVE-2019-8749", "CVE-2019-8751", "CVE-2019-8752", "CVE-2019-8756", "CVE-2019-8762", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8773", "CVE-2019-8825"], "modified": "2019-10-07T00:00:00", "id": "APPLE:AA7D20441BD99D01D8BEDE3B9762EB04", "href": "https://support.apple.com/kb/HT210636", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-03-14T04:13:50", "description": "# About the security content of iCloud for Windows 7.14\n\nThis document describes the security content of iCloud for Windows 7.14.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iCloud for Windows 7.14\n\nReleased October 7, 2019\n\n**CoreCrypto**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a large input may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved input validation.\n\nCVE-2019-8741: Nicky Mouha of NIST\n\nEntry added October 29, 2019\n\n**CoreMedia**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8825: Found by GWP-ASan in Google Chrome\n\nEntry added October 29, 2019\n\n**Foundation**\n\nAvailable for: Windows 7 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8746: natashenka and Samuel Gro\u00df of Google Project Zero\n\nEntry added October 29, 2019\n\n**libxml2**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple issues in libxml2\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2019-8749: found by OSS-Fuzz\n\nCVE-2019-8756: found by OSS-Fuzz\n\nEntry added October 29, 2019\n\n**UIFoundation**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted text file may lead to arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8625: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8719: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8764: Sergei Glazunov of Google Project Zero\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative\n\nCVE-2019-8726: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation\n\nCVE-2019-8733: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8734: found by OSS-Fuzz\n\nCVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group\n\nCVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech\n\nCVE-2019-8763: Sergei Glazunov of Google Project Zero\n\nCVE-2019-8765: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8773: found by OSS-Fuzz\n\nEntry updated October 29, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2019-8762: Sergei Glazunov of Google Project Zero\n\nEntry added November 18, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Software Update**\n\nWe would like to acknowledge Michael Gorelik (@smgoreli) of Morphisec (morphisec.com) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) and Zhihua Yao of DBAPPSecurity Zion Lab for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 05, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-07T00:00:00", "type": "apple", "title": "About the security content of iCloud for Windows 7.14", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8625", "CVE-2019-8707", "CVE-2019-8719", "CVE-2019-8726", "CVE-2019-8728", "CVE-2019-8733", "CVE-2019-8734", "CVE-2019-8735", "CVE-2019-8741", "CVE-2019-8743", "CVE-2019-8745", "CVE-2019-8746", "CVE-2019-8749", "CVE-2019-8751", "CVE-2019-8752", "CVE-2019-8756", "CVE-2019-8762", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8773", "CVE-2019-8825"], "modified": "2019-10-07T00:00:00", "id": "APPLE:D725BA42FF7DF9373C130EE10E8F427D", "href": "https://support.apple.com/kb/HT210637", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2020-03-06T16:57:35", "description": "This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "openvas", "title": "Apple MacOSX Security Updates(HT210722)-04", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8787", "CVE-2019-8824", "CVE-2019-8797", "CVE-2019-8785", "CVE-2019-8786", "CVE-2019-8717"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310815822", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815822", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815822\");\n script_version(\"2020-03-04T11:31:55+0000\");\n script_cve_id(\"CVE-2019-8787\", \"CVE-2019-8785\", \"CVE-2019-8797\", \"CVE-2019-8717\",\n \"CVE-2019-8786\", \"CVE-2019-8824\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 11:31:55 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-30 12:08:41 +0530 (Wed, 30 Oct 2019)\");\n script_name(\"Apple MacOSX Security Updates(HT210722)-04\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to\n\n - Multiple memory corruption issues related to improper memory handling.\n\n - An out-of-bounds read\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allow attackers\n to gain access to sensitive information and execute arbitrary code with\n kernel privileges.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X versions 10.15, 10.13.x\n prior to 10.13.6 Security Update 2019-006 and 10.14.x prior to 10.14.6\n Security Update 2019-001.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Mac OS X 10.15.1 or\n later or apply Security Update 2019-006 on 10.13.6 or apply\n Security Update 2019-001 on 10.14.6.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210722\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"ssh_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer || osVer !~ \"^10\\.1[345]\" || \"Mac OS X\" >!< osName){\n exit(0);\n}\n\nbuildVer = get_kb_item(\"ssh/login/osx_build\");\n\nif(osVer =~ \"^10\\.13\")\n{\n if(version_in_range(version:osVer, test_version:\"10.13\", test_version2:\"10.13.5\")){\n fix = \"Upgrade to latest OS release and apply patch from vendor\";\n }\n\n else if(osVer == \"10.13.6\")\n {\n if(osVer == \"10.13.6\" && version_is_less(version:buildVer, test_version:\"17G9016\"))\n {\n fix = \"Apply patch from vendor\";\n osVer = osVer + \" Build \" + buildVer;\n }\n }\n}\n\nif(osVer =~ \"^10\\.14\")\n{\n if(version_in_range(version:osVer, test_version:\"10.14\", test_version2:\"10.14.5\")){\n fix = \"Upgrade to latest OS release and apply patch from vendor\";\n }\n\n else if(osVer == \"10.14.6\")\n {\n if(osVer == \"10.14.6\" && version_is_less(version:buildVer, test_version:\"18G1012\"))\n {\n fix = \"Apply patch from vendor\";\n osVer = osVer + \" Build \" + buildVer;\n }\n }\n}\n\nelse if(osVer == \"10.15\"){\n fix = \"10.15.1\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:osVer, fixed_version:fix);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-03T18:56:45", "description": "This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "openvas", "title": "Apple Safari Security Updates (HT210725)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8815", "CVE-2019-8782", "CVE-2019-8822", "CVE-2019-8820", "CVE-2019-8808", "CVE-2019-8821", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8823", "CVE-2019-8813", "CVE-2019-8811", "CVE-2019-8783", "CVE-2019-8812", "CVE-2019-8814"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310815818", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815818", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815818\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2019-8813\", \"CVE-2019-8782\", \"CVE-2019-8783\", \"CVE-2019-8808\",\n \"CVE-2019-8811\", \"CVE-2019-8812\", \"CVE-2019-8814\", \"CVE-2019-8816\",\n \"CVE-2019-8819\", \"CVE-2019-8820\", \"CVE-2019-8821\", \"CVE-2019-8822\",\n \"CVE-2019-8823\", \"CVE-2019-8815\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-30 11:34:18 +0530 (Wed, 30 Oct 2019)\");\n script_name(\"Apple Safari Security Updates (HT210725)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple memory corruption issues related to improper memory handling.\n\n - A logic issue related to improper state management.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote attackers\n to execute arbitrary code and conduct cross site scripting attacks.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 13.0.3.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari 13.0.3 or later.\n Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210725\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"13.0.3\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"13.0.3\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-03T18:56:46", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-11-05T00:00:00", "type": "openvas", "title": "Apple iTunes Security Updates(HT210726)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8815", "CVE-2019-8782", "CVE-2019-8822", "CVE-2019-8820", "CVE-2019-8808", "CVE-2019-8821", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8823", "CVE-2019-8801", "CVE-2019-8784", "CVE-2019-8813", "CVE-2019-8811", "CVE-2019-8783", "CVE-2019-8812", "CVE-2019-8814"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310815828", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815828", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815828\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2019-8784\", \"CVE-2019-8801\", \"CVE-2019-8813\", \"CVE-2019-8782\",\n \"CVE-2019-8783\", \"CVE-2019-8808\", \"CVE-2019-8811\", \"CVE-2019-8812\",\n \"CVE-2019-8814\", \"CVE-2019-8816\", \"CVE-2019-8819\", \"CVE-2019-8820\",\n \"CVE-2019-8821\", \"CVE-2019-8822\", \"CVE-2019-8823\", \"CVE-2019-8815\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-05 15:24:05 +0530 (Tue, 05 Nov 2019)\");\n script_name(\"Apple iTunes Security Updates(HT210726)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - A dynamic library loading issue existed in iTunes setup.\n\n - A logic issue related to improper state management.\n\n - Multiple memory corruption issues.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote attackers\n to conduct cross site scripting attacks and execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.10.2 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.10.2 or later.\n Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210726\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"12.10.2\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version:\"12.10.2\", install_path: path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-27T17:06:27", "description": "This host is installed with Apple iCloud\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-11-05T00:00:00", "type": "openvas", "title": "Apple iCloud Security Updates(HT210727)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8750", "CVE-2019-8815", "CVE-2019-8782", "CVE-2019-8822", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8823", "CVE-2019-8766", "CVE-2019-8784", "CVE-2019-8813", "CVE-2019-8811", "CVE-2019-8783", "CVE-2019-8710", "CVE-2019-8814"], "modified": "2020-03-26T00:00:00", "id": "OPENVAS:1361412562310815827", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815827", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:apple:icloud\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815827\");\n script_version(\"2020-03-26T07:27:53+0000\");\n script_cve_id(\"CVE-2019-8784\", \"CVE-2019-8750\", \"CVE-2019-8813\", \"CVE-2019-8811\",\n \"CVE-2019-8814\", \"CVE-2019-8816\", \"CVE-2019-8819\", \"CVE-2019-8820\",\n \"CVE-2019-8821\", \"CVE-2019-8822\", \"CVE-2019-8823\", \"CVE-2019-8710\",\n \"CVE-2019-8766\", \"CVE-2019-8782\", \"CVE-2019-8783\", \"CVE-2019-8815\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-26 07:27:53 +0000 (Thu, 26 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-05 15:24:05 +0530 (Tue, 05 Nov 2019)\");\n script_name(\"Apple iCloud Security Updates(HT210727)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iCloud\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to multiple memory\n corruption issues and logic issue related to improper state management.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote attackers\n to execute arbitrary code with system privileges and conduct cross site scripting\n attacks.\");\n\n script_tag(name:\"affected\", value:\"Apple iCloud version 10.x before 10.8 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iCloud 10.8 or later.\n Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210727\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_apple_icloud_detect_win.nasl\");\n\n script_mandatory_keys(\"apple/icloud/Win/Ver\");\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(vers =~ \"^10\\.\" && version_is_less(version:vers, test_version:\"10.8\"))\n{\n report = report_fixed_ver(installed_version:vers, fixed_version:\"10.8\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-06T16:57:17", "description": "This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "openvas", "title": "Apple MacOSX Security Updates(HT210722)-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8817", "CVE-2017-7152", "CVE-2019-8788", "CVE-2019-8789", "CVE-2019-8858", "CVE-2019-8794", "CVE-2019-15126", "CVE-2019-8801", "CVE-2019-8807", "CVE-2019-8784", "CVE-2019-8805", "CVE-2019-8803", "CVE-2019-8829", "CVE-2019-8754"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310815819", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815819", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815819\");\n script_version(\"2020-03-04T11:31:55+0000\");\n script_cve_id(\"CVE-2019-8817\", \"CVE-2019-8788\", \"CVE-2019-8789\", \"CVE-2019-8858\",\n \"CVE-2019-8807\", \"CVE-2019-8754\", \"CVE-2017-7152\", \"CVE-2019-8805\",\n \"CVE-2019-8803\", \"CVE-2019-8801\", \"CVE-2019-8794\", \"CVE-2019-8829\",\n \"CVE-2019-15126\", \"CVE-2019-8784\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 11:31:55 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-30 12:08:21 +0530 (Wed, 30 Oct 2019)\");\n script_name(\"Apple MacOSX Security Updates(HT210722)-01\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - A validation issue related to improper input sanitization.\n\n - A memory corruption issue was addressed with improved memory handling.\n\n - An out-of-bounds read error related to improper input validation.\n\n - An issue existed in the parsing of URLs.\n\n - A validation issue related to handling of symlinks.\n\n - An inconsistent user interface issue related to improper state management.\n\n - Multiple memory corruption issues related to improper memory handling.\n\n - A dynamic library loading issue existed in iTunes setup.\n\n - A validation issue existed in the entitlement verification.\n\n For more information refer the references.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allow attackers to\n read restricted memory, execute arbitrary code with system privileges, conduct\n data exfiltration, bypass authentication, disclosure of user information and\n conduct spoofing attack.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X version 10.15\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Mac OS X 10.15.1 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210722\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"ssh_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer || osVer !~ \"^10\\.15\" || \"Mac OS X\" >!< osName){\n exit(0);\n}\n\nif(osVer == \"10.15\")\n{\n report = report_fixed_ver(installed_version:osVer, fixed_version:\"10.15.1\");\n security_message(port:0, data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T16:47:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-12-01T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:2587-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8681", "CVE-2019-8815", "CVE-2019-8563", "CVE-2019-8769", "CVE-2019-8782", "CVE-2019-8559", "CVE-2019-8726", "CVE-2019-8822", "CVE-2019-8743", "CVE-2019-8707", "CVE-2019-8558", "CVE-2019-8820", "CVE-2019-8808", "CVE-2019-8771", "CVE-2019-8763", "CVE-2019-8821", "CVE-2019-8816", "CVE-2019-8688", "CVE-2019-8674", "CVE-2019-8551", "CVE-2019-8819", "CVE-2019-8735", "CVE-2019-8764", "CVE-2019-8823", "CVE-2019-8687", "CVE-2019-8766", "CVE-2019-8720", "CVE-2019-8813", "CVE-2019-8686", "CVE-2019-8719", "CVE-2019-8811", "CVE-2019-8733", "CVE-2019-8765", "CVE-2019-8625", "CVE-2019-8690", "CVE-2019-8783", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8710", "CVE-2019-8812", "CVE-2019-8768", "CVE-2019-8814"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852791", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852791", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852791\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-8551\", \"CVE-2019-8558\", \"CVE-2019-8559\", \"CVE-2019-8563\", \"CVE-2019-8625\", \"CVE-2019-8674\", \"CVE-2019-8681\", \"CVE-2019-8684\", \"CVE-2019-8686\", \"CVE-2019-8687\", \"CVE-2019-8688\", \"CVE-2019-8689\", \"CVE-2019-8690\", \"CVE-2019-8707\", \"CVE-2019-8710\", \"CVE-2019-8719\", \"CVE-2019-8720\", \"CVE-2019-8726\", \"CVE-2019-8733\", \"CVE-2019-8735\", \"CVE-2019-8743\", \"CVE-2019-8763\", \"CVE-2019-8764\", \"CVE-2019-8765\", \"CVE-2019-8766\", \"CVE-2019-8768\", \"CVE-2019-8769\", \"CVE-2019-8771\", \"CVE-2019-8782\", \"CVE-2019-8783\", \"CVE-2019-8808\", \"CVE-2019-8811\", \"CVE-2019-8812\", \"CVE-2019-8813\", \"CVE-2019-8814\", \"CVE-2019-8815\", \"CVE-2019-8816\", \"CVE-2019-8819\", \"CVE-2019-8820\", \"CVE-2019-8821\", \"CVE-2019-8822\", \"CVE-2019-8823\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-01 03:00:47 +0000 (Sun, 01 Dec 2019)\");\n script_name(\"openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:2587-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2587-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00073.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkit2gtk3'\n package(s) announced via the openSUSE-SU-2019:2587-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for webkit2gtk3 to version 2.26.2 fixes the following issues:\n\n Webkit2gtk3 was updated to version 2.26.2 (WSA-2019-0005 and\n WSA-2019-0006, bsc#1155321 bsc#1156318)\n\n Security issues addressed:\n\n - CVE-2019-8625: Fixed a logic issue where by processing maliciously\n crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8674: Fixed a logic issue where by processing maliciously\n crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8707: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8719: Fixed a logic issue where by processing maliciously\n crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8720: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8726: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8733: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8735: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8763: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8768: Fixed an issue where a user may be unable to delete\n browsing history items.\n\n - CVE-2019-8769: Fixed an issue where a maliciously crafted website may\n reveal browsing history.\n\n - CVE-2019-8771: Fixed an issue where a maliciously crafted web content\n may violate iframe sandboxing policy.\n\n - CVE-2019-8710: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8743: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8764: Fixed a logic issue where by processing maliciously\n crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8765: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8766: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8782: Fixed m ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'webkit2gtk3' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18\", rpm:\"libjavascriptcoregtk-4_0-18~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-debuginfo\", rpm:\"libjavascriptcoregtk-4_0-18-debuginfo~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37\", rpm:\"libwebkit2gtk-4_0-37~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-debuginfo\", rpm:\"libwebkit2gtk-4_0-37-debuginfo~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-JavaScriptCore-4_0\", rpm:\"typelib-1_0-JavaScriptCore-4_0~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-WebKit2-4_0\", rpm:\"typelib-1_0-WebKit2-4_0~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-WebKit2WebExtension-4_0\", rpm:\"typelib-1_0-WebKit2WebExtension-4_0~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit-jsc-4\", rpm:\"webkit-jsc-4~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit-jsc-4-debuginfo\", rpm:\"webkit-jsc-4-debuginfo~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk-4_0-injected-bundles\", rpm:\"webkit2gtk-4_0-injected-bundles~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk-4_0-injected-bundles-debuginfo\", rpm:\"webkit2gtk-4_0-injected-bundles-debuginfo~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-debugsource\", rpm:\"webkit2gtk3-debugsource~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-devel\", rpm:\"webkit2gtk3-devel~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-minibrowser\", rpm:\"webkit2gtk3-minibrowser~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-minibrowser-debuginfo\", rpm:\"webkit2gtk3-minibrowser-debuginfo~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk3-lang\", rpm:\"libwebkit2gtk3-lang~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-32bit\", rpm:\"libjavascriptcoregtk-4_0-18-32bit~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo\", rpm:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-32bit\", rpm:\"libwebkit2gtk-4_0-37-32bit~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-32bit-debuginfo\", rpm:\"libwebkit2gtk-4_0-37-32bit-debuginfo~2.26.2~lp150.2.28.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-03T18:56:51", "description": "This host is installed with Apple iCloud\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-11-05T00:00:00", "type": "openvas", "title": "Apple iCloud Security Updates(HT210728)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8815", "CVE-2019-8822", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8823", "CVE-2019-8784", "CVE-2019-8811", "CVE-2019-8783", "CVE-2019-8814"], "modified": "2020-02-28T00:00:00", "id": "OPENVAS:1361412562310815826", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815826", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:apple:icloud\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815826\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_cve_id(\"CVE-2019-8784\", \"CVE-2019-8783\", \"CVE-2019-8811\", \"CVE-2019-8814\",\n \"CVE-2019-8816\", \"CVE-2019-8819\", \"CVE-2019-8820\", \"CVE-2019-8821\",\n \"CVE-2019-8822\", \"CVE-2019-8823\", \"CVE-2019-8815\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-05 15:24:05 +0530 (Tue, 05 Nov 2019)\");\n script_name(\"Apple iCloud Security Updates(HT210728)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iCloud\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to multiple memory\n corruption issues.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote attackers\n to execute arbitrary code with system privileges.\");\n\n script_tag(name:\"affected\", value:\"Apple iCloud version below 7.15 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iCloud 7.15 or later.\n Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210728\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_apple_icloud_detect_win.nasl\");\n script_mandatory_keys(\"apple/icloud/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_reg.inc\");\n\nif(hotfix_check_sp(win7:2, win7x64:2, win8_1:1, win8_1x64:1, win10:1, win10x64:1) <= 0)\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\n#iCloud for Windows 7.x works with versions of Microsoft Windows 7, 8, 8.1, and early versions of Windows 10\n#Ignore for May 2019 Update version of Microsoft Windows 10 and later\nif(version_is_less(version:vers, test_version:\"7.15\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"7.15\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T16:29:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:2591-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8681", "CVE-2019-8815", "CVE-2019-8563", "CVE-2019-8769", "CVE-2019-8782", "CVE-2019-8559", "CVE-2019-8726", "CVE-2019-8822", "CVE-2019-8743", "CVE-2019-8707", "CVE-2019-8558", "CVE-2019-8820", "CVE-2019-8808", "CVE-2019-8771", "CVE-2019-8763", "CVE-2019-8821", "CVE-2019-8816", "CVE-2019-8688", "CVE-2019-8674", "CVE-2019-8551", "CVE-2019-8819", "CVE-2019-8735", "CVE-2019-8764", "CVE-2019-8823", "CVE-2019-8687", "CVE-2019-8766", "CVE-2019-8720", "CVE-2019-8813", "CVE-2019-8686", "CVE-2019-8719", "CVE-2019-8811", "CVE-2019-8733", "CVE-2019-8765", "CVE-2019-8625", "CVE-2019-8690", "CVE-2019-8783", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8710", "CVE-2019-8812", "CVE-2019-8768", "CVE-2019-8814"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852964", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852964", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852964\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-8551\", \"CVE-2019-8558\", \"CVE-2019-8559\", \"CVE-2019-8563\",\n \"CVE-2019-8625\", \"CVE-2019-8674\", \"CVE-2019-8681\", \"CVE-2019-8684\",\n \"CVE-2019-8686\", \"CVE-2019-8687\", \"CVE-2019-8688\", \"CVE-2019-8689\",\n \"CVE-2019-8690\", \"CVE-2019-8707\", \"CVE-2019-8710\", \"CVE-2019-8719\",\n \"CVE-2019-8720\", \"CVE-2019-8726\", \"CVE-2019-8733\", \"CVE-2019-8735\",\n \"CVE-2019-8743\", \"CVE-2019-8763\", \"CVE-2019-8764\", \"CVE-2019-8765\",\n \"CVE-2019-8766\", \"CVE-2019-8768\", \"CVE-2019-8769\", \"CVE-2019-8771\",\n \"CVE-2019-8782\", \"CVE-2019-8783\", \"CVE-2019-8808\", \"CVE-2019-8811\",\n \"CVE-2019-8812\", \"CVE-2019-8813\", \"CVE-2019-8814\", \"CVE-2019-8815\",\n \"CVE-2019-8816\", \"CVE-2019-8819\", \"CVE-2019-8820\", \"CVE-2019-8821\",\n \"CVE-2019-8822\", \"CVE-2019-8823\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:48:27 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:2591-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2591-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00074.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkit2gtk3'\n package(s) announced via the openSUSE-SU-2019:2591-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for webkit2gtk3 to version 2.26.2 fixes the following issues:\n\n Webkit2gtk3 was updated to version 2.26.2 (WSA-2019-0005 and\n WSA-2019-0006, bsc#1155321 bsc#1156318)\n\n Security issues addressed:\n\n - CVE-2019-8625: Fixed a logic issue where by processing maliciously\n crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8674: Fixed a logic issue where by processing maliciously\n crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8707: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8719: Fixed a logic issue where by processing maliciously\n crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8720: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8726: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8733: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8735: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8763: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8768: Fixed an issue where a user may be unable to delete\n browsing history items.\n\n - CVE-2019-8769: Fixed an issue where a maliciously crafted website may\n reveal browsing history.\n\n - CVE-2019-8771: Fixed an issue where a maliciously crafted web content\n may violate iframe sandboxing policy.\n\n - CVE-2019-8710: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8743: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8764: Fixed a logic issue where by processing maliciously\n crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8765: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8766: Fixed multiple memory corruption issues where by\n processing maliciously crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8782: Fixed m ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'webkit2gtk3' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18\", rpm:\"libjavascriptcoregtk-4_0-18~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-debuginfo\", rpm:\"libjavascriptcoregtk-4_0-18-debuginfo~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37\", rpm:\"libwebkit2gtk-4_0-37~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-debuginfo\", rpm:\"libwebkit2gtk-4_0-37-debuginfo~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-JavaScriptCore-4_0\", rpm:\"typelib-1_0-JavaScriptCore-4_0~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-WebKit2-4_0\", rpm:\"typelib-1_0-WebKit2-4_0~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-WebKit2WebExtension-4_0\", rpm:\"typelib-1_0-WebKit2WebExtension-4_0~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit-jsc-4\", rpm:\"webkit-jsc-4~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit-jsc-4-debuginfo\", rpm:\"webkit-jsc-4-debuginfo~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk-4_0-injected-bundles\", rpm:\"webkit2gtk-4_0-injected-bundles~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk-4_0-injected-bundles-debuginfo\", rpm:\"webkit2gtk-4_0-injected-bundles-debuginfo~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-debugsource\", rpm:\"webkit2gtk3-debugsource~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-devel\", rpm:\"webkit2gtk3-devel~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-minibrowser\", rpm:\"webkit2gtk3-minibrowser~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-minibrowser-debuginfo\", rpm:\"webkit2gtk3-minibrowser-debuginfo~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-32bit\", rpm:\"libjavascriptcoregtk-4_0-18-32bit~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo\", rpm:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-32bit\", rpm:\"libwebkit2gtk-4_0-37-32bit~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-32bit-debuginfo\", rpm:\"libwebkit2gtk-4_0-37-32bit-debuginfo~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk3-lang\", rpm:\"libwebkit2gtk3-lang~2.26.2~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-06T16:57:45", "description": "This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "openvas", "title": "Apple MacOSX Security Updates(HT210722)-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8798", "CVE-2019-8802"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310815821", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815821", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815821\");\n script_version(\"2020-03-04T11:31:55+0000\");\n script_cve_id(\"CVE-2019-8802\", \"CVE-2019-8798\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 11:31:55 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-30 12:08:35 +0530 (Wed, 30 Oct 2019)\");\n script_name(\"Apple MacOSX Security Updates(HT210722)-03\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - A memory corruption issue related to improper memory handling.\n\n - A validation issue related to improper logic.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allow attackers\n to execute arbitrary code with system privileges and gain root privileges.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X versions 10.15 and 10.13.x\n prior to 10.13.6 Security Update 2019-006\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Mac OS X 10.15.1 or apply\n Security Update 2019-006 on version 10.13.6.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210722\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"ssh_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer || osVer !~ \"^10\\.1[35]\" || \"Mac OS X\" >!< osName)\n exit(0);\n\nbuildVer = get_kb_item(\"ssh/login/osx_build\");\n\nif(osVer =~ \"^10\\.13\") {\n if(version_in_range(version:osVer, test_version:\"10.13\", test_version2:\"10.13.5\")){\n fix = \"Upgrade to latest OS release and apply patch from vendor\";\n }\n\n else if(osVer == \"10.13.6\") {\n if(osVer == \"10.13.6\" && version_is_less(version:buildVer, test_version:\"17G9016\")) {\n fix = \"Apply patch from vendor\";\n osVer = osVer + \" Build \" + buildVer;\n }\n }\n}\n\nelse if(osVer == \"10.15\") {\n fix = \"10.15.1\";\n}\n\nif(fix) {\n report = report_fixed_ver(installed_version:osVer, fixed_version:fix);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-14T14:48:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for webkit2gtk3 FEDORA-2019-fa0c4b0674", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8812", "CVE-2019-8814"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877211", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877211", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877211\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-8812\", \"CVE-2019-8814\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:32:08 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for webkit2gtk3 FEDORA-2019-fa0c4b0674\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-fa0c4b0674\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOVHOHAND2LF77ZTFDGGS2S7JUAWWAYO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkit2gtk3'\n package(s) announced via the FEDORA-2019-fa0c4b0674 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"WebKitGTK is the port of the portable web rendering engine WebKit to the\nGTK platform.\n\nThis package contains WebKit2 based WebKitGTK for GTK 3.\");\n\n script_tag(name:\"affected\", value:\"'webkit2gtk3' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3\", rpm:\"webkit2gtk3~2.26.2~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-30T12:59:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4563-1 (webkit2gtk - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8812", "CVE-2019-8814"], "modified": "2019-12-28T00:00:00", "id": "OPENVAS:1361412562310704563", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704563", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704563\");\n script_version(\"2019-12-28T10:21:15+0000\");\n script_cve_id(\"CVE-2019-8812\", \"CVE-2019-8814\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-28 10:21:15 +0000 (Sat, 28 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-14 03:00:30 +0000 (Thu, 14 Nov 2019)\");\n script_name(\"Debian Security Advisory DSA 4563-1 (webkit2gtk - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4563.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4563-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkit2gtk'\n package(s) announced via the DSA-4563-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"These vulnerabilities have been discovered in the webkit2gtk web engine:\n\nCVE-2019-8812\nAn anonymous researcher discovered that maliciously crafted web\ncontent may lead to arbitrary code execution.\n\nCVE-2019-8814\nCheolung Lee discovered that maliciously crafted web content may\nlead to arbitrary code execution.\");\n\n script_tag(name:\"affected\", value:\"'webkit2gtk' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 2.26.2-1~deb10+1.\n\nWe recommend that you upgrade your webkit2gtk packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"gir1.2-javascriptcoregtk-4.0\", ver:\"2.26.2-1~deb10+1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"gir1.2-webkit2-4.0\", ver:\"2.26.2-1~deb10+1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjavascriptcoregtk-4.0-18\", ver:\"2.26.2-1~deb10+1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjavascriptcoregtk-4.0-bin\", ver:\"2.26.2-1~deb10+1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjavascriptcoregtk-4.0-dev\", ver:\"2.26.2-1~deb10+1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwebkit2gtk-4.0-37\", ver:\"2.26.2-1~deb10+1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwebkit2gtk-4.0-37-gtk2\", ver:\"2.26.2-1~deb10+1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwebkit2gtk-4.0-dev\", ver:\"2.26.2-1~deb10+1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libwebkit2gtk-4.0-doc\", ver:\"2.26.2-1~deb10+1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"webkit2gtk-driver\", ver:\"2.26.2-1~deb10+1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-30T12:55:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "openvas", "title": "Ubuntu Update for webkit2gtk USN-4181-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8812", "CVE-2019-8814"], "modified": "2019-12-28T00:00:00", "id": "OPENVAS:1361412562310844232", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844232", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844232\");\n script_version(\"2019-12-28T10:21:15+0000\");\n script_cve_id(\"CVE-2019-8812\", \"CVE-2019-8814\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-28 10:21:15 +0000 (Sat, 28 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-13 03:01:10 +0000 (Wed, 13 Nov 2019)\");\n script_name(\"Ubuntu Update for webkit2gtk USN-4181-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU19\\.10|UBUNTU19\\.04)\");\n\n script_xref(name:\"USN\", value:\"4181-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-November/005190.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkit2gtk'\n package(s) announced via the USN-4181-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A large number of security issues were discovered in the WebKitGTK+ Web and\nJavaScript engines. If a user were tricked into viewing a malicious\nwebsite, a remote attacker could exploit a variety of issues related to web\nbrowser security, including cross-site scripting attacks, denial of service\nattacks, and arbitrary code execution.\");\n\n script_tag(name:\"affected\", value:\"'webkit2gtk' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libjavascriptcoregtk-4.0-18\", ver:\"2.26.2-0ubuntu0.18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libwebkit2gtk-4.0-37\", ver:\"2.26.2-0ubuntu0.18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libjavascriptcoregtk-4.0-18\", ver:\"2.26.2-0ubuntu0.19.10.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libwebkit2gtk-4.0-37\", ver:\"2.26.2-0ubuntu0.19.10.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libjavascriptcoregtk-4.0-18\", ver:\"2.26.2-0ubuntu0.19.04.1\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libwebkit2gtk-4.0-37\", ver:\"2.26.2-0ubuntu0.19.04.1\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-30T12:50:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-17T00:00:00", "type": "openvas", "title": "Fedora Update for webkit2gtk3 FEDORA-2019-4213e37211", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8812", "CVE-2019-8814"], "modified": "2019-12-28T00:00:00", "id": "OPENVAS:1361412562310877012", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877012", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877012\");\n script_version(\"2019-12-28T10:21:15+0000\");\n script_cve_id(\"CVE-2019-8812\", \"CVE-2019-8814\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-28 10:21:15 +0000 (Sat, 28 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-17 03:31:53 +0000 (Sun, 17 Nov 2019)\");\n script_name(\"Fedora Update for webkit2gtk3 FEDORA-2019-4213e37211\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-4213e37211\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KP6UYDPJRIPQQ5YTFSMLFMIS5OUGZAOV\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkit2gtk3'\n package(s) announced via the FEDORA-2019-4213e37211 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"WebKitGTK is the port of the portable web rendering engine WebKit to the\nGTK platform.\n\nThis package contains WebKit2 based WebKitGTK for GTK 3.\");\n\n script_tag(name:\"affected\", value:\"'webkit2gtk3' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3\", rpm:\"webkit2gtk3~2.26.2~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-09-26T16:04:15", "description": "The version of Apple iOS running on the mobile device is prior to 13.2. It is, therefore, affected by multiple vulnerabilities.\n - A memory leak vulnerablity exists in the iOS Accounts, a remote attacker can exploit this using specially crafted input. (CVE-2019-8787)\n\n - An authentication vulnerability exists in the iOS App store, a local attacker may be able to login to the account of a previously logged in user without valid credentials. (CVE-2019-8803)\n\n - Associated Domains vulnerable to data exfiltration. The attacker can exploit this issue by passing improper URL. An issue existed in the parsing of URLs. (CVE-2019-8788)\n\n - A memory corruption issue exist in iOS Audio and AVEVideoEncoder. An application may be able to execute arbitrary code with system privileges. (CVE-2019-8785, CVE-2019-8797, CVE-2019-8795)\n\n - A validation issue existed in the handling of symlinks in iOS Books. Parsing a maliciously crafted iBooks file may lead to disclosure of user information. (CVE-2019-8789)\n\n - An inconsistent user interface issue exist in the iOS Contacts, processing a maliciously contact may lead to UI spoofing. (CVE-2017-7152)\n\n - A memory corruption issue exists in the iOS File System Events, Graphics Driver, Kernel. An application may be able to execute arbitrary code with system privileges. (CVE-2019-8798, CVE-2019-8784, CVE-2019-8786)\n\n - An input validation exists in the iOS Kernel. An application may be able to read restricted memory.\n (CVE-2019-8794)\n\n - An inconsistency in Wi-Fi network configuration in iOS Setup Assistant is vulnerable. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup. (CVE-2019-8804)\n\n - A iOS Screen Recording is vulnerable, a local user may be able to record the screen without a visible screen recording indicator. (CVE-2019-8793)\n\n - A cross-site scripting (XSS) vulnerability exists in iOS WebKit due to improper validation of user-supplied input before returning it to users. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - An arbitrary code execution vulnerability exists in iOS WebKit and WebKit Processing Model. Multiple memory corruption vulnerabilities while processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8814, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, CVE-2019-8815, CVE-2019-8782)\n\n - A logic issue in the handling of state transitions allows an attacker within Wi-Fi range to compromise some confidentiality of network traffic. (CVE-2019-15126)\n\n - The HTTP referrer header leaks browsing history to maliciously crafted websites. (CVE-2019-8827)\n\n - A memory corruption vulnerability exists that allows applications to execute arbitrary code with kernel privileges. (CVE-2019-8829)", "cvss3": {}, "published": "2019-11-01T00:00:00", "type": "nessus", "title": "Apple iOS < 13.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7152", "CVE-2019-15126", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8784", "CVE-2019-8785", "CVE-2019-8786", "CVE-2019-8787", "CVE-2019-8788", "CVE-2019-8789", "CVE-2019-8793", "CVE-2019-8794", "CVE-2019-8795", "CVE-2019-8797", "CVE-2019-8798", "CVE-2019-8803", "CVE-2019-8804", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8827", "CVE-2019-8829"], "modified": "2023-09-25T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_132_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/130461", "sourceData": "Binary data apple_ios_132_check.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:08", "description": "The WebKitGTK project reports multiple vulnerabilities.", "cvss3": {}, "published": "2019-12-03T00:00:00", "type": "nessus", "title": "FreeBSD : webkit2-gtk3 -- Multiple vulnerabilities (3e748551-c732-45f6-bd88-928da16f23a8)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8710", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823"], "modified": "2019-12-24T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:webkit2-gtk3", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_3E748551C73245F6BD88928DA16F23A8.NASL", "href": "https://www.tenable.com/plugins/nessus/131467", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131467);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/24\");\n\n script_cve_id(\"CVE-2019-8710\", \"CVE-2019-8743\", \"CVE-2019-8764\", \"CVE-2019-8765\", \"CVE-2019-8766\", \"CVE-2019-8782\", \"CVE-2019-8783\", \"CVE-2019-8808\", \"CVE-2019-8811\", \"CVE-2019-8812\", \"CVE-2019-8813\", \"CVE-2019-8814\", \"CVE-2019-8815\", \"CVE-2019-8816\", \"CVE-2019-8819\", \"CVE-2019-8820\", \"CVE-2019-8821\", \"CVE-2019-8822\", \"CVE-2019-8823\");\n\n script_name(english:\"FreeBSD : webkit2-gtk3 -- Multiple vulnerabilities (3e748551-c732-45f6-bd88-928da16f23a8)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"The WebKitGTK project reports multiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2019-0006.html\"\n );\n # https://vuxml.freebsd.org/freebsd/3e748551-c732-45f6-bd88-928da16f23a8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?28d1454d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8816\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:webkit2-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"webkit2-gtk3<2.26.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:04:29", "description": "According to its version, the iCloud application installed on the remote Windows host is 10.x prior to 10.8. It is, therefore, affected by multiple vulnerabilities:\n\n - Multiple arbitrary code execution vulnerabilities exist with in the WebKit due to multiple memory corruption issues. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2019-8710, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8784, CVE-2019-8811, CVE-2019-8814, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\n - Multiple issues exist with in the Libxslt due to multiple memory corruption issue. (CVE-2019-8750)\n\n - An cross site scripting vulnerability exist with in the WebKit due to logic issue. An unauthenticated, remote attacker can exploit this by processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - An arbitrary code execution vulnerability exist with in the WebKit due to multiple memory corruption issue. An unauthenticated, remote attacker can exploit this by processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8815)", "cvss3": {}, "published": "2020-07-03T00:00:00", "type": "nessus", "title": "Apple iCloud 10.x < 10.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8710", "CVE-2019-8750", "CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8784", "CVE-2019-8811", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/a:apple:icloud_for_windows"], "id": "ICLOUD_10_8.NASL", "href": "https://www.tenable.com/plugins/nessus/138093", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138093);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2019-8710\",\n \"CVE-2019-8750\",\n \"CVE-2019-8766\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8784\",\n \"CVE-2019-8811\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\"\n );\n\n script_name(english:\"Apple iCloud 10.x < 10.8 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An iCloud software installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the iCloud application installed on the remote Windows host is 10.x prior to 10.8. \nIt is, therefore, affected by multiple vulnerabilities:\n\n - Multiple arbitrary code execution vulnerabilities exist with in the WebKit due to multiple memory \n corruption issues. An unauthenticated, remote attacker can exploit this to execute arbitrary code. \n (CVE-2019-8710, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8784, CVE-2019-8811, CVE-2019-8814,\n CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\n - Multiple issues exist with in the Libxslt due to multiple memory corruption issue. (CVE-2019-8750)\n\n - An cross site scripting vulnerability exist with in the WebKit due to logic issue. An unauthenticated, \n remote attacker can exploit this by processing maliciously crafted web content may lead to universal \n cross site scripting. (CVE-2019-8813)\n\n - An arbitrary code execution vulnerability exist with in the WebKit due to multiple memory corruption \n issue. An unauthenticated, remote attacker can exploit this by processing maliciously crafted web \n content may lead to arbitrary code execution. (CVE-2019-8815)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT210727\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iCloud version 10.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8816\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-8750\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:icloud_for_windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"icloud_installed.nasl\");\n script_require_keys(\"installed_sw/iCloud\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'iCloud';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n {'min_version' : '10.0', 'fixed_version' : '10.8'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:48", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.10.2. It is, therefore, affected by multiple vulnerabilities as referenced in the HT210726 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-11-20T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.10.2 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8784", "CVE-2019-8801", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823"], "modified": "2019-11-22T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_10_2.NASL", "href": "https://www.tenable.com/plugins/nessus/131132", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131132);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/11/22\");\n\n script_cve_id(\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8784\",\n \"CVE-2019-8801\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT210726\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2019-10-25\");\n\n script_name(english:\"Apple iTunes < 12.10.2 Multiple Vulnerabilities (credentialed check)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is prior to 12.10.2. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the HT210726 advisory. Note that Nessus has not tested for this issue but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT210726\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.10.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8784\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"iTunes Version\", win_local:TRUE);\nconstraints = [{'fixed_version':'12.10.2'}];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:19", "description": "This update for webkit2gtk3 to version 2.28.1 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled (bsc#1165528).\n\nCVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free vulnerability (bsc#1169658).\n\nCVE-2019-8835: Fixed multiple memory corruption issues (bsc#1161719).\n\nCVE-2019-8844: Fixed multiple memory corruption issues (bsc#1161719).\n\nCVE-2019-8846: Fixed a use-after-free issue (bsc#1161719).\n\nCVE-2020-3862: Fixed a memory handling issue (bsc#1163809).\n\nCVE-2020-3867: Fixed an XSS issue (bsc#1163809).\n\nCVE-2020-3868: Fixed multiple memory corruption issues that could have lead to arbitrary code execution (bsc#1163809).\n\nCVE-2020-3864,CVE-2020-3865: Fixed logic issues in the DOM object context handling (bsc#1163809).\n\nNon-security issues fixed: Add API to enable Process Swap on (Cross-site) Navigation.\n\nAdd user messages API for the communication with the web extension.\n\nAdd support for same-site cookies.\n\nService workers are enabled by default.\n\nAdd support for Pointer Lock API.\n\nAdd flatpak sandbox support.\n\nMake ondemand hardware acceleration policy never leave accelerated compositing mode.\n\nAlways use a light theme for rendering form controls.\n\nAdd about:gpu to show information about the graphics stack.\n\nFixed issues while trying to play a video on NextCloud.\n\nFixed vertical alignment of text containing arabic diacritics.\n\nFixed build with icu 65.1.\n\nFixed page loading errors with websites using HSTS.\n\nFixed web process crash when displaying a KaTeX formula.\n\nFixed several crashes and rendering issues.\n\nSwitched to a single web process for Evolution and geary (bsc#1159329).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2020:1135-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1135-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136082", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1135-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136082);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2020:1135-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for webkit2gtk3 to version 2.28.1 fixes the following\nissues :\n\nSecurity issues fixed :\n\nCVE-2020-10018: Fixed a denial of service because the\nm_deferredFocusedNodeChange data structure was mishandled\n(bsc#1165528).\n\nCVE-2020-11793: Fixed a potential arbitrary code execution caused by a\nuse-after-free vulnerability (bsc#1169658).\n\nCVE-2019-8835: Fixed multiple memory corruption issues (bsc#1161719).\n\nCVE-2019-8844: Fixed multiple memory corruption issues (bsc#1161719).\n\nCVE-2019-8846: Fixed a use-after-free issue (bsc#1161719).\n\nCVE-2020-3862: Fixed a memory handling issue (bsc#1163809).\n\nCVE-2020-3867: Fixed an XSS issue (bsc#1163809).\n\nCVE-2020-3868: Fixed multiple memory corruption issues that could have\nlead to arbitrary code execution (bsc#1163809).\n\nCVE-2020-3864,CVE-2020-3865: Fixed logic issues in the DOM object\ncontext handling (bsc#1163809).\n\nNon-security issues fixed: Add API to enable Process Swap on\n(Cross-site) Navigation.\n\nAdd user messages API for the communication with the web extension.\n\nAdd support for same-site cookies.\n\nService workers are enabled by default.\n\nAdd support for Pointer Lock API.\n\nAdd flatpak sandbox support.\n\nMake ondemand hardware acceleration policy never leave accelerated\ncompositing mode.\n\nAlways use a light theme for rendering form controls.\n\nAdd about:gpu to show information about the graphics stack.\n\nFixed issues while trying to play a video on NextCloud.\n\nFixed vertical alignment of text containing arabic diacritics.\n\nFixed build with icu 65.1.\n\nFixed page loading errors with websites using HSTS.\n\nFixed web process crash when displaying a KaTeX formula.\n\nFixed several crashes and rendering issues.\n\nSwitched to a single web process for Evolution and geary\n(bsc#1159329).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159329\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8625/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8710/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8720/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8743/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8764/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8769/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8771/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8783/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8811/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8812/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8813/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8814/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8816/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8819/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8820/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8823/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8835/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8844/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8846/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10018/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-11793/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3862/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3864/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3865/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3867/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3868/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201135-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?718c807f\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-8-2020-1135=1\n\nSUSE OpenStack Cloud 8:zypper in -t patch\nSUSE-OpenStack-Cloud-8-2020-1135=1\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2020-1135=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2020-1135=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2020-1135=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2020-1135=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2020-1135=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-BCL-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2020-1135=1\n\nSUSE Enterprise Storage 5:zypper in -t patch\nSUSE-Storage-5-2020-1135=1\n\nHPE Helion Openstack 8:zypper in -t patch\nHPE-Helion-OpenStack-8-2020-1135=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3868\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10018\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libjavascriptcoregtk-4_0-18-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwebkit2gtk-4_0-37-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-WebKit2-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk3-debugsource-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libjavascriptcoregtk-4_0-18-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwebkit2gtk-4_0-37-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"typelib-1_0-WebKit2-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk3-debugsource-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-WebKit2-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk3-debugsource-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk3-devel-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libjavascriptcoregtk-4_0-18-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libwebkit2gtk-4_0-37-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"typelib-1_0-WebKit2-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"webkit2gtk3-debugsource-2.28.1-2.50.3\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:06", "description": "The remote host is affected by the vulnerability described in GLSA-202003-22 (WebkitGTK+: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details.\n Impact :\n\n A remote attacker could execute arbitrary code, cause a Denial of Service condition, bypass intended memory-read restrictions, conduct a timing side-channel attack to bypass the Same Origin Policy or obtain sensitive information.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2020-03-16T00:00:00", "type": "nessus", "title": "GLSA-202003-22 : WebkitGTK+: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8674", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868"], "modified": "2022-05-27T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:webkit-gtk", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202003-22.NASL", "href": "https://www.tenable.com/plugins/nessus/134599", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202003-22.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134599);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/27\");\n\n script_cve_id(\"CVE-2019-8625\", \"CVE-2019-8674\", \"CVE-2019-8707\", \"CVE-2019-8710\", \"CVE-2019-8719\", \"CVE-2019-8720\", \"CVE-2019-8726\", \"CVE-2019-8733\", \"CVE-2019-8735\", \"CVE-2019-8743\", \"CVE-2019-8763\", \"CVE-2019-8764\", \"CVE-2019-8765\", \"CVE-2019-8766\", \"CVE-2019-8768\", \"CVE-2019-8769\", \"CVE-2019-8771\", \"CVE-2019-8782\", \"CVE-2019-8783\", \"CVE-2019-8808\", \"CVE-2019-8811\", \"CVE-2019-8812\", \"CVE-2019-8813\", \"CVE-2019-8814\", \"CVE-2019-8815\", \"CVE-2019-8816\", \"CVE-2019-8819\", \"CVE-2019-8820\", \"CVE-2019-8821\", \"CVE-2019-8822\", \"CVE-2019-8823\", \"CVE-2019-8835\", \"CVE-2019-8844\", \"CVE-2019-8846\", \"CVE-2020-3862\", \"CVE-2020-3864\", \"CVE-2020-3865\", \"CVE-2020-3867\", \"CVE-2020-3868\");\n script_xref(name:\"GLSA\", value:\"202003-22\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"GLSA-202003-22 : WebkitGTK+: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202003-22\n(WebkitGTK+: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in WebKitGTK+. Please\n review the referenced CVE identifiers for details.\n \nImpact :\n\n A remote attacker could execute arbitrary code, cause a Denial of\n Service condition, bypass intended memory-read restrictions, conduct a\n timing side-channel attack to bypass the Same Origin Policy or obtain\n sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202003-22\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All WebkitGTK+ users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/webkit-gtk-2.26.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3868\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:webkit-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-libs/webkit-gtk\", unaffected:make_list(\"ge 2.26.4\"), vulnerable:make_list(\"lt 2.26.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"WebkitGTK+\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:48", "description": "This update for webkit2gtk3 to version 2.26.2 fixes the following issues :\n\nWebkit2gtk3 was updated to version 2.26.2 (WSA-2019-0005 and WSA-2019-0006, bsc#1155321 bsc#1156318) \n\nSecurity issues addressed :\n\n - CVE-2019-8625: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. \n\n - CVE-2019-8674: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8707: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8719: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8720: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8726: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8733: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8735: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8763: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8768: Fixed an issue where a user may be unable to delete browsing history items.\n\n - CVE-2019-8769: Fixed an issue where a maliciously crafted website may reveal browsing history.\n\n - CVE-2019-8771: Fixed an issue where a maliciously crafted web content may violate iframe sandboxing policy.\n\n - CVE-2019-8710: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8743: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8764: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8765: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8766: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8782: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8783: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8808: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8811: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8812: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8813: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8814: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8815: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8816: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8819: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8820: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8821: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8822: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8823: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-12-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : webkit2gtk3 (openSUSE-2019-2591)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8625", "CVE-2019-8674", "CVE-2019-8681", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823"], "modified": "2022-05-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang", "p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:opensuse:webkit-jsc-4", "p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource", "p-cpe:/a:novell:opensuse:webkit2gtk3-devel", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2591.NASL", "href": "https://www.tenable.com/plugins/nessus/131535", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2591.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131535);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/27\");\n\n script_cve_id(\"CVE-2019-8551\", \"CVE-2019-8558\", \"CVE-2019-8559\", \"CVE-2019-8563\", \"CVE-2019-8625\", \"CVE-2019-8674\", \"CVE-2019-8681\", \"CVE-2019-8684\", \"CVE-2019-8686\", \"CVE-2019-8687\", \"CVE-2019-8688\", \"CVE-2019-8689\", \"CVE-2019-8690\", \"CVE-2019-8707\", \"CVE-2019-8710\", \"CVE-2019-8719\", \"CVE-2019-8720\", \"CVE-2019-8726\", \"CVE-2019-8733\", \"CVE-2019-8735\", \"CVE-2019-8743\", \"CVE-2019-8763\", \"CVE-2019-8764\", \"CVE-2019-8765\", \"CVE-2019-8766\", \"CVE-2019-8768\", \"CVE-2019-8769\", \"CVE-2019-8771\", \"CVE-2019-8782\", \"CVE-2019-8783\", \"CVE-2019-8808\", \"CVE-2019-8811\", \"CVE-2019-8812\", \"CVE-2019-8813\", \"CVE-2019-8814\", \"CVE-2019-8815\", \"CVE-2019-8816\", \"CVE-2019-8819\", \"CVE-2019-8820\", \"CVE-2019-8821\", \"CVE-2019-8822\", \"CVE-2019-8823\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"openSUSE Security Update : webkit2gtk3 (openSUSE-2019-2591)\");\n script_summary(english:\"Check for the openSUSE-2019-2591 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for webkit2gtk3 to version 2.26.2 fixes the following\nissues :\n\nWebkit2gtk3 was updated to version 2.26.2 (WSA-2019-0005 and\nWSA-2019-0006, bsc#1155321 bsc#1156318) \n\nSecurity issues addressed :\n\n - CVE-2019-8625: Fixed a logic issue where by processing\n maliciously crafted web content may lead to universal\n cross site scripting. \n\n - CVE-2019-8674: Fixed a logic issue where by processing\n maliciously crafted web content may lead to universal\n cross site scripting.\n\n - CVE-2019-8707: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8719: Fixed a logic issue where by processing\n maliciously crafted web content may lead to universal\n cross site scripting.\n\n - CVE-2019-8720: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8726: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8733: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8735: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8763: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8768: Fixed an issue where a user may be unable\n to delete browsing history items.\n\n - CVE-2019-8769: Fixed an issue where a maliciously\n crafted website may reveal browsing history.\n\n - CVE-2019-8771: Fixed an issue where a maliciously\n crafted web content may violate iframe sandboxing\n policy.\n\n - CVE-2019-8710: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8743: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8764: Fixed a logic issue where by processing\n maliciously crafted web content may lead to universal\n cross site scripting.\n\n - CVE-2019-8765: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8766: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8782: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8783: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8808: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8811: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8812: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8813: Fixed a logic issue where by processing\n maliciously crafted web content may lead to universal\n cross site scripting.\n\n - CVE-2019-8814: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8815: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8816: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8819: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8820: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8821: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8822: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8823: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1155321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1156318\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected webkit2gtk3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8816\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libjavascriptcoregtk-4_0-18-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwebkit2gtk-4_0-37-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwebkit2gtk3-lang-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"typelib-1_0-WebKit2-4_0-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit-jsc-4-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit-jsc-4-debuginfo-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk-4_0-injected-bundles-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-debugsource-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-devel-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-minibrowser-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-minibrowser-debuginfo-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-2.26.2-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-debuginfo-2.26.2-lp151.2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:07:36", "description": "According to its version, the iCloud application installed on the remote Windows host is 7.x prior to 7.15. It is, therefore, affected by multiple vulnerabilities:\n\n - Multiple arbitrary code execution vulnerabilities exist with in the WebKit due to multiple memory corruption issues. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2019-8783, CVE-2019-8784, CVE-2019-8811, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)", "cvss3": {}, "published": "2020-07-02T00:00:00", "type": "nessus", "title": "Apple iCloud 7.x < 7.15 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8783", "CVE-2019-8784", "CVE-2019-8811", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823"], "modified": "2020-08-14T00:00:00", "cpe": ["cpe:/a:apple:icloud_for_windows"], "id": "ICLOUD_7_15.NASL", "href": "https://www.tenable.com/plugins/nessus/138080", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138080);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/14\");\n\n script_cve_id(\n \"CVE-2019-8783\",\n \"CVE-2019-8784\",\n \"CVE-2019-8811\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\"\n );\n\n script_name(english:\"Apple iCloud 7.x < 7.15 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An iCloud software installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the iCloud application installed on the remote Windows host is 7.x prior to 7.15. \nIt is, therefore, affected by multiple vulnerabilities:\n\n - Multiple arbitrary code execution vulnerabilities exist with in the WebKit due to multiple memory \n corruption issues. An unauthenticated, remote attacker can exploit this to execute arbitrary code. \n (CVE-2019-8783, CVE-2019-8784, CVE-2019-8811, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819,\n CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/HT210728\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iCloud version 7.15 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8816\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:icloud_for_windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"icloud_installed.nasl\");\n script_require_keys(\"installed_sw/iCloud\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'iCloud';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [\n {'min_version' : '7.0', 'fixed_version' : '7.15'},\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:34", "description": "This update for webkit2gtk3 to version 2.26.2 fixes the following issues :\n\nWebkit2gtk3 was updated to version 2.26.2 (WSA-2019-0005 and WSA-2019-0006, bsc#1155321 bsc#1156318) \n\nSecurity issues addressed :\n\n - CVE-2019-8625: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. \n\n - CVE-2019-8674: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8707: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8719: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8720: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8726: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8733: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8735: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8763: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8768: Fixed an issue where a user may be unable to delete browsing history items.\n\n - CVE-2019-8769: Fixed an issue where a maliciously crafted website may reveal browsing history.\n\n - CVE-2019-8771: Fixed an issue where a maliciously crafted web content may violate iframe sandboxing policy.\n\n - CVE-2019-8710: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8743: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8764: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8765: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8766: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8782: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8783: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8808: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8811: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8812: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8813: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting.\n\n - CVE-2019-8814: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8815: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8816: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8819: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8820: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8821: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8822: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8823: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-12-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : webkit2gtk3 (openSUSE-2019-2587)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8625", "CVE-2019-8674", "CVE-2019-8681", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang", "p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:opensuse:webkit-jsc-4", "p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource", "p-cpe:/a:novell:opensuse:webkit2gtk3-devel", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2587.NASL", "href": "https://www.tenable.com/plugins/nessus/131533", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2587.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131533);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8625\",\n \"CVE-2019-8674\",\n \"CVE-2019-8681\",\n \"CVE-2019-8684\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8688\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8707\",\n \"CVE-2019-8710\",\n \"CVE-2019-8719\",\n \"CVE-2019-8720\",\n \"CVE-2019-8726\",\n \"CVE-2019-8733\",\n \"CVE-2019-8735\",\n \"CVE-2019-8743\",\n \"CVE-2019-8763\",\n \"CVE-2019-8764\",\n \"CVE-2019-8765\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"openSUSE Security Update : webkit2gtk3 (openSUSE-2019-2587)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for webkit2gtk3 to version 2.26.2 fixes the following\nissues :\n\nWebkit2gtk3 was updated to version 2.26.2 (WSA-2019-0005 and\nWSA-2019-0006, bsc#1155321 bsc#1156318) \n\nSecurity issues addressed :\n\n - CVE-2019-8625: Fixed a logic issue where by processing\n maliciously crafted web content may lead to universal\n cross site scripting. \n\n - CVE-2019-8674: Fixed a logic issue where by processing\n maliciously crafted web content may lead to universal\n cross site scripting.\n\n - CVE-2019-8707: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8719: Fixed a logic issue where by processing\n maliciously crafted web content may lead to universal\n cross site scripting.\n\n - CVE-2019-8720: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8726: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8733: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8735: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8763: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8768: Fixed an issue where a user may be unable\n to delete browsing history items.\n\n - CVE-2019-8769: Fixed an issue where a maliciously\n crafted website may reveal browsing history.\n\n - CVE-2019-8771: Fixed an issue where a maliciously\n crafted web content may violate iframe sandboxing\n policy.\n\n - CVE-2019-8710: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8743: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8764: Fixed a logic issue where by processing\n maliciously crafted web content may lead to universal\n cross site scripting.\n\n - CVE-2019-8765: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8766: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8782: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8783: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8808: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8811: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8812: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8813: Fixed a logic issue where by processing\n maliciously crafted web content may lead to universal\n cross site scripting.\n\n - CVE-2019-8814: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8815: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8816: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8819: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8820: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8821: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8822: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\n - CVE-2019-8823: Fixed multiple memory corruption issues\n where by processing maliciously crafted web content may\n lead to arbitrary code execution.\n\nThis update was imported from the SUSE:SLE-15:Update update project.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1155321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1156318\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected webkit2gtk3 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8816\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libjavascriptcoregtk-4_0-18-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwebkit2gtk-4_0-37-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwebkit2gtk3-lang-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"typelib-1_0-WebKit2-4_0-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit-jsc-4-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit-jsc-4-debuginfo-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk-4_0-injected-bundles-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk3-debugsource-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk3-devel-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk3-minibrowser-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk3-minibrowser-debuginfo-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-2.26.2-lp150.2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-debuginfo-2.26.2-lp150.2.28.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:07", "description": "This update for webkit2gtk3 to version 2.26.2 fixes the following issues :\n\nWebkit2gtk3 was updated to version 2.26.2 (WSA-2019-0005 and WSA-2019-0006, bsc#1155321 bsc#1156318)\n\nSecurity issues addressed :\n\nCVE-2019-8625: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross-site scripting.\n\nCVE-2019-8674: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross-site scripting.\n\nCVE-2019-8707: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8719: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross-site scripting.\n\nCVE-2019-8720: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8726: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8733: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8735: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8763: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8768: Fixed an issue where a user may be unable to delete browsing history items.\n\nCVE-2019-8769: Fixed an issue where a maliciously crafted website may reveal browsing history.\n\nCVE-2019-8771: Fixed an issue where a maliciously crafted web content may violate iframe sandboxing policy.\n\nCVE-2019-8710: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8743: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8764: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross-site scripting.\n\nCVE-2019-8765: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8766: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8782: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8783: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8808: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8811: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8812: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8813: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross-site scripting.\n\nCVE-2019-8814: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8815: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8816: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8819: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8820: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8821: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8822: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nCVE-2019-8823: Fixed multiple memory corruption issues where by processing maliciously crafted web content may lead to arbitrary code execution.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-26T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2019:3044-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8625", "CVE-2019-8674", "CVE-2019-8681", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension", "p-cpe:/a:novell:suse_linux:webkit-jsc", "p-cpe:/a:novell:suse_linux:webkit-jsc-4-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "p-cpe:/a:novell:suse_linux:webkit2gtk3-minibrowser", "p-cpe:/a:novell:suse_linux:webkit2gtk3-minibrowser-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-3044-1.NASL", "href": "https://www.tenable.com/plugins/nessus/131302", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3044-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131302);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8625\",\n \"CVE-2019-8674\",\n \"CVE-2019-8681\",\n \"CVE-2019-8684\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8688\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8707\",\n \"CVE-2019-8710\",\n \"CVE-2019-8719\",\n \"CVE-2019-8720\",\n \"CVE-2019-8726\",\n \"CVE-2019-8733\",\n \"CVE-2019-8735\",\n \"CVE-2019-8743\",\n \"CVE-2019-8763\",\n \"CVE-2019-8764\",\n \"CVE-2019-8765\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2019:3044-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for webkit2gtk3 to version 2.26.2 fixes the following\nissues :\n\nWebkit2gtk3 was updated to version 2.26.2 (WSA-2019-0005 and\nWSA-2019-0006, bsc#1155321 bsc#1156318)\n\nSecurity issues addressed :\n\nCVE-2019-8625: Fixed a logic issue where by processing maliciously\ncrafted web content may lead to universal cross-site scripting.\n\nCVE-2019-8674: Fixed a logic issue where by processing maliciously\ncrafted web content may lead to universal cross-site scripting.\n\nCVE-2019-8707: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8719: Fixed a logic issue where by processing maliciously\ncrafted web content may lead to universal cross-site scripting.\n\nCVE-2019-8720: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8726: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8733: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8735: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8763: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8768: Fixed an issue where a user may be unable to delete\nbrowsing history items.\n\nCVE-2019-8769: Fixed an issue where a maliciously crafted website may\nreveal browsing history.\n\nCVE-2019-8771: Fixed an issue where a maliciously crafted web content\nmay violate iframe sandboxing policy.\n\nCVE-2019-8710: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8743: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8764: Fixed a logic issue where by processing maliciously\ncrafted web content may lead to universal cross-site scripting.\n\nCVE-2019-8765: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8766: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8782: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8783: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8808: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8811: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8812: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8813: Fixed a logic issue where by processing maliciously\ncrafted web content may lead to universal cross-site scripting.\n\nCVE-2019-8814: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8815: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8816: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8819: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8820: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8821: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8822: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nCVE-2019-8823: Fixed multiple memory corruption issues where by\nprocessing maliciously crafted web content may lead to arbitrary code\nexecution.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8551/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8558/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8559/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8563/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8625/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8674/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8681/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8684/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8686/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8687/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8688/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8689/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8690/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8707/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8710/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8719/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8720/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8726/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8733/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8735/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8743/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8763/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8764/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8765/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8768/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8769/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8771/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8783/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8811/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8812/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8813/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8814/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8816/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8819/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8820/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8821/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8822/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8823/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193044-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?142945de\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-3044=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-3044=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP1:zypper in\n-t patch SUSE-SLE-Module-Desktop-Applications-15-SP1-2019-3044=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2019-3044=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-3044=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-3044=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8816\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-8823\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit-jsc-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-minibrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-minibrowser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libjavascriptcoregtk-4_0-18-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwebkit2gtk-4_0-37-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"typelib-1_0-WebKit2-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit-jsc-4-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit-jsc-4-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit2gtk-4_0-injected-bundles-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit2gtk3-debugsource-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit2gtk3-devel-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit2gtk3-minibrowser-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit2gtk3-minibrowser-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libjavascriptcoregtk-4_0-18-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwebkit2gtk-4_0-37-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"typelib-1_0-WebKit2-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit-jsc-4-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit-jsc-4-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit2gtk-4_0-injected-bundles-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit2gtk3-debugsource-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit2gtk3-devel-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libjavascriptcoregtk-4_0-18-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwebkit2gtk-4_0-37-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"typelib-1_0-WebKit2-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit-jsc-4-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit-jsc-4-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit2gtk-4_0-injected-bundles-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit2gtk3-debugsource-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit2gtk3-devel-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit2gtk3-minibrowser-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit2gtk3-minibrowser-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libjavascriptcoregtk-4_0-18-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwebkit2gtk-4_0-37-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"typelib-1_0-WebKit2-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit-jsc-4-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit-jsc-4-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit2gtk-4_0-injected-bundles-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit2gtk3-debugsource-2.26.2-3.34.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit2gtk3-devel-2.26.2-3.34.3\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-28T16:01:20", "description": "The remote host is running a version of macOS or Mac OS X that is 10.15.x prior to 10.15.1, 10.14.x prior to 10.14.6 security update 2019-001, 10.13.x prior to 10.13.6 security update 2019-006. It is, therefore, affected by multiple vulnerabilities :\n\n - An out-of-bounds read error exists in the accounts component due to improper input validation. A remote attacker can exploit this, to disclose memory contents. (CVE-2019-8787)\n\n - A security bypass vulnerability exists in the App Store component due to an improper state management implementation. A local attacker can exploit this, to login to the account of a previously logged in user without valid credentials. (CVE-2019-8803)\n\n - An out-of-bounds read error exists in the IOGraphics component due to improper bounds checking. A local attacker can exploit this, to cause unexpected system termination or to read kernel memory. (CVE-2019-8759)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "nessus", "title": "macOS 10.15.x < 10.15.1 / 10.14.x < 10.14.6 Security Update 2019-001 / 10.13.x < 10.13.6 Security Update 2019-006", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7152", "CVE-2018-12152", "CVE-2018-12153", "CVE-2018-12154", "CVE-2019-11041", "CVE-2019-11042", "CVE-2019-15126", "CVE-2019-8509", "CVE-2019-8592", "CVE-2019-8705", "CVE-2019-8706", "CVE-2019-8708", "CVE-2019-8709", "CVE-2019-8715", "CVE-2019-8716", "CVE-2019-8717", "CVE-2019-8736", "CVE-2019-8737", "CVE-2019-8744", "CVE-2019-8745", "CVE-2019-8746", "CVE-2019-8748", "CVE-2019-8749", "CVE-2019-8750", "CVE-2019-8754", "CVE-2019-8756", "CVE-2019-8759", "CVE-2019-8761", "CVE-2019-8767", "CVE-2019-8772", "CVE-2019-8784", "CVE-2019-8785", "CVE-2019-8786", "CVE-2019-8787", "CVE-2019-8788", "CVE-2019-8789", "CVE-2019-8794", "CVE-2019-8797", "CVE-2019-8798", "CVE-2019-8801", "CVE-2019-8802", "CVE-2019-8803", "CVE-2019-8805", "CVE-2019-8807", "CVE-2019-8817", "CVE-2019-8824", "CVE-2019-8825", "CVE-2019-8829", "CVE-2019-8831", "CVE-2019-8850", "CVE-2019-8858"], "modified": "2021-01-28T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT210722.NASL", "href": "https://www.tenable.com/plugins/nessus/130967", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130967);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/28\");\n\n script_cve_id(\n \"CVE-2017-7152\",\n \"CVE-2018-12152\",\n \"CVE-2018-12153\",\n \"CVE-2018-12154\",\n \"CVE-2019-8509\",\n \"CVE-2019-8592\",\n \"CVE-2019-8705\",\n \"CVE-2019-8706\",\n \"CVE-2019-8708\",\n \"CVE-2019-8709\",\n \"CVE-2019-8715\",\n \"CVE-2019-8716\",\n \"CVE-2019-8717\",\n \"CVE-2019-8736\",\n \"CVE-2019-8737\",\n \"CVE-2019-8744\",\n \"CVE-2019-8745\",\n \"CVE-2019-8746\",\n \"CVE-2019-8748\",\n \"CVE-2019-8749\",\n \"CVE-2019-8750\",\n \"CVE-2019-8754\",\n \"CVE-2019-8756\",\n \"CVE-2019-8759\",\n \"CVE-2019-8761\",\n \"CVE-2019-8767\",\n \"CVE-2019-8772\",\n \"CVE-2019-8784\",\n \"CVE-2019-8785\",\n \"CVE-2019-8786\",\n \"CVE-2019-8787\",\n \"CVE-2019-8788\",\n \"CVE-2019-8789\",\n \"CVE-2019-8794\",\n \"CVE-2019-8797\",\n \"CVE-2019-8798\",\n \"CVE-2019-8801\",\n \"CVE-2019-8802\",\n \"CVE-2019-8803\",\n \"CVE-2019-8805\",\n \"CVE-2019-8807\",\n \"CVE-2019-8817\",\n \"CVE-2019-8824\",\n \"CVE-2019-8825\",\n \"CVE-2019-8829\",\n \"CVE-2019-8831\",\n \"CVE-2019-8850\",\n \"CVE-2019-8858\",\n \"CVE-2019-11041\",\n \"CVE-2019-11042\",\n \"CVE-2019-15126\"\n );\n script_bugtraq_id(103136, 105582);\n script_xref(name:\"APPLE-SA\", value:\"HT210722\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2019-10-29\");\n\n script_name(english:\"macOS 10.15.x < 10.15.1 / 10.14.x < 10.14.6 Security Update 2019-001 / 10.13.x < 10.13.6 Security Update 2019-006\");\n script_summary(english:\"Checks the version of macOS or Mac OS X.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update that fixes multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS or Mac OS X that is 10.15.x prior to 10.15.1, 10.14.x prior to 10.14.6 \nsecurity update 2019-001, 10.13.x prior to 10.13.6 security update 2019-006. It is, therefore, affected by multiple \nvulnerabilities :\n\n - An out-of-bounds read error exists in the accounts component due to improper input validation. A remote\n attacker can exploit this, to disclose memory contents. (CVE-2019-8787)\n\n - A security bypass vulnerability exists in the App Store component due to an improper state management\n implementation. A local attacker can exploit this, to login to the account of a previously logged in user\n without valid credentials. (CVE-2019-8803)\n\n - An out-of-bounds read error exists in the IOGraphics component due to improper bounds checking. A local\n attacker can exploit this, to cause unexpected system termination or to read kernel memory. \n (CVE-2019-8759)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n # https://support.apple.com/en-us/HT210722\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?39d6c45e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 10.15.1 / 10.14.6 security update 2019-001 / 10.13.6 security update 2019-006 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8716\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude('lists.inc');\ninclude('vcf.inc');\ninclude('vcf_extras_apple.inc');\n\napp_info = vcf::apple::macos::get_app_info();\n\nconstraints = [\n { 'min_version': '10.13', 'max_version': '10.13.6', 'fixed_build': '17G9016', 'fixed_display': '10.13.6 Security Update 2019-006' },\n { 'min_version': '10.14', 'max_version': '10.14.6', 'fixed_build': '18G1012', 'fixed_display': '10.14.6 Security Update 2019-001' },\n { 'min_version': '10.15', 'fixed_version': '10.15.1' }\n];\n\nvcf::apple::macos::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:05", "description": "These vulnerabilities have been discovered in the webkit2gtk web engine :\n\n - CVE-2019-8812 An anonymous researcher discovered that maliciously crafted web content may lead to arbitrary code execution.\n\n - CVE-2019-8814 Cheolung Lee discovered that maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {}, "published": "2019-11-14T00:00:00", "type": "nessus", "title": "Debian DSA-4563-1 : webkit2gtk - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8812", "CVE-2019-8814"], "modified": "2019-12-24T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:webkit2gtk", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4563.NASL", "href": "https://www.tenable.com/plugins/nessus/130981", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4563. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130981);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/24\");\n\n script_cve_id(\"CVE-2019-8812\", \"CVE-2019-8814\");\n script_xref(name:\"DSA\", value:\"4563\");\n\n script_name(english:\"Debian DSA-4563-1 : webkit2gtk - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"These vulnerabilities have been discovered in the webkit2gtk web\nengine :\n\n - CVE-2019-8812\n An anonymous researcher discovered that maliciously\n crafted web content may lead to arbitrary code\n execution.\n\n - CVE-2019-8814\n Cheolung Lee discovered that maliciously crafted web\n content may lead to arbitrary code execution.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-8812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-8814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/webkit2gtk\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/webkit2gtk\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4563\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the webkit2gtk packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 2.26.2-1~deb10+1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8814\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:webkit2gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"gir1.2-javascriptcoregtk-4.0\", reference:\"2.26.2-1~deb10+1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"gir1.2-webkit2-4.0\", reference:\"2.26.2-1~deb10+1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libjavascriptcoregtk-4.0-18\", reference:\"2.26.2-1~deb10+1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libjavascriptcoregtk-4.0-bin\", reference:\"2.26.2-1~deb10+1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libjavascriptcoregtk-4.0-dev\", reference:\"2.26.2-1~deb10+1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libwebkit2gtk-4.0-37\", reference:\"2.26.2-1~deb10+1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libwebkit2gtk-4.0-37-gtk2\", reference:\"2.26.2-1~deb10+1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libwebkit2gtk-4.0-dev\", reference:\"2.26.2-1~deb10+1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libwebkit2gtk-4.0-doc\", reference:\"2.26.2-1~deb10+1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"webkit2gtk-driver\", reference:\"2.26.2-1~deb10+1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:51", "description": "- Improve performance of querying system fallback fonts.\n\n - Don’t use prgname in dbus-proxy socket path.\n\n - Fix thread-safety issues in image decoders.\n\n - Fix the build with WebDriver disabled.\n\n - Disable accelerated compositing when we fail to initialize the EGL dispaly under Wayland.\n\n - Fill the objects category in emoji picker.\n\n - Fix several crashes and rendering issues.\n\n - [CVE-2019-8812](https://webkitgtk.org/security/WSA-2019- 0006.html#CVE-2019-8812)\n\n - [CVE-2019-8814](https://webkitgtk.org/security/WSA-2019- 0006.html#CVE-2019-8814)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-15T00:00:00", "type": "nessus", "title": "Fedora 31 : webkit2gtk3 (2019-fa0c4b0674)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8812", "CVE-2019-8814"], "modified": "2019-12-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:webkit2gtk3", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-FA0C4B0674.NASL", "href": "https://www.tenable.com/plugins/nessus/131048", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-fa0c4b0674.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131048);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/24\");\n\n script_cve_id(\"CVE-2019-8812\", \"CVE-2019-8814\");\n script_xref(name:\"FEDORA\", value:\"2019-fa0c4b0674\");\n\n script_name(english:\"Fedora 31 : webkit2gtk3 (2019-fa0c4b0674)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Improve performance of querying system fallback fonts.\n\n - Don’t use prgname in dbus-proxy socket path.\n\n - Fix thread-safety issues in image decoders.\n\n - Fix the build with WebDriver disabled.\n\n - Disable accelerated compositing when we fail to\n initialize the EGL dispaly under Wayland.\n\n - Fill the objects category in emoji picker.\n\n - Fix several crashes and rendering issues.\n\n -\n [CVE-2019-8812](https://webkitgtk.org/security/WSA-2019-\n 0006.html#CVE-2019-8812)\n\n -\n [CVE-2019-8814](https://webkitgtk.org/security/WSA-2019-\n 0006.html#CVE-2019-8814)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-fa0c4b0674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2019-0006.html#CVE-2019-8814\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkit2gtk3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8814\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"webkit2gtk3-2.26.2-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:23:18", "description": "- Improve performance of querying system fallback fonts.\n\n - Don’t use prgname in dbus-proxy socket path.\n\n - Fix thread-safety issues in image decoders.\n\n - Fix the build with WebDriver disabled.\n\n - Disable accelerated compositing when we fail to initialize the EGL dispaly under Wayland.\n\n - Fill the objects category in emoji picker.\n\n - Fix several crashes and rendering issues.\n\n - [CVE-2019-8812](https://webkitgtk.org/security/WSA-2019- 0006.html#CVE-2019-8812)\n\n - [CVE-2019-8814](https://webkitgtk.org/security/WSA-2019- 0006.html#CVE-2019-8814)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-15T00:00:00", "type": "nessus", "title": "Fedora 30 : webkit2gtk3 (2019-4213e37211)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8812", "CVE-2019-8814"], "modified": "2019-12-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:webkit2gtk3", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-4213E37211.NASL", "href": "https://www.tenable.com/plugins/nessus/131038", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-4213e37211.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131038);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/24\");\n\n script_cve_id(\"CVE-2019-8812\", \"CVE-2019-8814\");\n script_xref(name:\"FEDORA\", value:\"2019-4213e37211\");\n\n script_name(english:\"Fedora 30 : webkit2gtk3 (2019-4213e37211)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Improve performance of querying system fallback fonts.\n\n - Don’t use prgname in dbus-proxy socket path.\n\n - Fix thread-safety issues in image decoders.\n\n - Fix the build with WebDriver disabled.\n\n - Disable accelerated compositing when we fail to\n initialize the EGL dispaly under Wayland.\n\n - Fill the objects category in emoji picker.\n\n - Fix several crashes and rendering issues.\n\n -\n [CVE-2019-8812](https://webkitgtk.org/security/WSA-2019-\n 0006.html#CVE-2019-8812)\n\n -\n [CVE-2019-8814](https://webkitgtk.org/security/WSA-2019-\n 0006.html#CVE-2019-8814)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-4213e37211\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2019-0006.html#CVE-2019-8814\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkit2gtk3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8814\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"webkit2gtk3-2.26.2-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-21T16:52:22", "description": "A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : WebKitGTK+ vulnerabilities (USN-4181-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8812", "CVE-2019-8814"], "modified": "2023-10-20T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-18", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-bin", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-dev", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37-gtk2", "p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-dev", "p-cpe:/a:canonical:ubuntu_linux:webkit2gtk-driver", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.0", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.0"], "id": "UBUNTU_USN-4181-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130961", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4181-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130961);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/20\");\n\n script_cve_id(\"CVE-2019-8812\", \"CVE-2019-8814\");\n script_xref(name:\"USN\", value:\"4181-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS : WebKitGTK+ vulnerabilities (USN-4181-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"A large number of security issues were discovered in the WebKitGTK+\nWeb and JavaScript engines. If a user were tricked into viewing a\nmalicious website, a remote attacker could exploit a variety of issues\nrelated to web browser security, including cross-site scripting\nattacks, denial of service attacks, and arbitrary code execution.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4181-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8814\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37-gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:webkit2gtk-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'gir1.2-javascriptcoregtk-4.0', 'pkgver': '2.26.2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'gir1.2-webkit2-4.0', 'pkgver': '2.26.2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libjavascriptcoregtk-4.0-18', 'pkgver': '2.26.2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libjavascriptcoregtk-4.0-bin', 'pkgver': '2.26.2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libjavascriptcoregtk-4.0-dev', 'pkgver': '2.26.2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libwebkit2gtk-4.0-37', 'pkgver': '2.26.2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libwebkit2gtk-4.0-37-gtk2', 'pkgver': '2.26.2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'libwebkit2gtk-4.0-dev', 'pkgver': '2.26.2-0ubuntu0.18.04.1'},\n {'osver': '18.04', 'pkgname': 'webkit2gtk-driver', 'pkgver': '2.26.2-0ubuntu0.18.04.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gir1.2-javascriptcoregtk-4.0 / gir1.2-webkit2-4.0 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T15:43:28", "description": "The version of Apple iOS running on the mobile device is prior to 13.1. It is, therefore, affected by multiple vulnerabilities including the following: \n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8740)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. An application may be able to execute arbitrary code with system privileges. (CVE-2019-8831)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in watchOS 6.1.\n An application may be able to execute arbitrary code with kernel privileges. (CVE-2019-8747)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-07-14T00:00:00", "type": "nessus", "title": "Apple iOS < 13.1 Multiple Vulnerabilities (HT210603)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8740", "CVE-2019-8747", "CVE-2019-8831"], "modified": "2023-09-25T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_131_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/151621", "sourceData": "Binary data apple_ios_131_check.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-27T14:16:36", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4451 advisory.\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625, CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8710, CVE-2019-8720, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835, CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)\n\n - LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\n - webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9802, CVE-2020-9850)\n\n - webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9803, CVE-2020-9806, CVE-2020-9807)\n\n - webkitgtk: Logic issue may lead to cross site scripting (CVE-2020-9805)\n\n - webkitgtk: Input validation issue may lead to cross site scripting (CVE-2020-9843)\n\n - webkitgtk: Command injection in web inspector (CVE-2020-9862)\n\n - webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9893, CVE-2020-9895)\n\n - webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution (CVE-2020-9894)\n\n - webkitgtk: Access issue in content security policy (CVE-2020-9915)\n\n - webkitgtk: A logic issue may lead to cross site scripting (CVE-2020-9925)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : GNOME (CESA-2020:4451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:libraw", "p-cpe:/a:centos:centos:libraw-devel", "p-cpe:/a:centos:centos:gnome-settings-daemon", "p-cpe:/a:centos:centos:webkit2gtk3", "p-cpe:/a:centos:centos:webkit2gtk3-devel", "p-cpe:/a:centos:centos:webkit2gtk3-jsc", "p-cpe:/a:centos:centos:webkit2gtk3-jsc-devel"], "id": "CENTOS8_RHSA-2020-4451.NASL", "href": "https://www.tenable.com/plugins/nessus/145826", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:4451. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145826);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2020-14391\",\n \"CVE-2020-15503\"\n );\n script_xref(name:\"RHSA\", value:\"2020:4451\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"CentOS 8 : GNOME (CESA-2020:4451)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:4451 advisory.\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625,\n CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8710,\n CVE-2019-8720, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812,\n CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835,\n CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when\n user registers through GNOME control center (CVE-2020-14391)\n\n - LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\n - webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9802, CVE-2020-9850)\n\n - webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9803, CVE-2020-9806,\n CVE-2020-9807)\n\n - webkitgtk: Logic issue may lead to cross site scripting (CVE-2020-9805)\n\n - webkitgtk: Input validation issue may lead to cross site scripting (CVE-2020-9843)\n\n - webkitgtk: Command injection in web inspector (CVE-2020-9862)\n\n - webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9893,\n CVE-2020-9895)\n\n - webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution\n (CVE-2020-9894)\n\n - webkitgtk: Access issue in content security policy (CVE-2020-9915)\n\n - webkitgtk: A logic issue may lead to cross site scripting (CVE-2020-9925)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4451\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3-jsc-devel\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-devel / gnome-settings-daemon / webkit2gtk3 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-27T14:22:20", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4451 advisory.\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9806, CVE-2020-9807)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9894)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9843)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection. (CVE-2020-9862)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2020-9925)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : GNOME (ELSA-2020-4451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:libraw", "p-cpe:/a:oracle:linux:libraw-devel", "p-cpe:/a:oracle:linux:packagekit", "p-cpe:/a:oracle:linux:packagekit-command-not-found", "p-cpe:/a:oracle:linux:packagekit-cron", "p-cpe:/a:oracle:linux:packagekit-glib", "p-cpe:/a:oracle:linux:packagekit-glib-devel", "p-cpe:/a:oracle:linux:packagekit-gstreamer-plugin", "p-cpe:/a:oracle:linux:packagekit-gtk3-module", "p-cpe:/a:oracle:linux:dleyna-renderer", "p-cpe:/a:oracle:linux:frei0r-devel", "p-cpe:/a:oracle:linux:frei0r-plugins", "p-cpe:/a:oracle:linux:frei0r-plugins-opencv", "p-cpe:/a:oracle:linux:gdm", "p-cpe:/a:oracle:linux:gnome-classic-session", "p-cpe:/a:oracle:linux:gnome-control-center", "p-cpe:/a:oracle:linux:gnome-control-center-filesystem", "p-cpe:/a:oracle:linux:gnome-photos", "p-cpe:/a:oracle:linux:gnome-photos-tests", "p-cpe:/a:oracle:linux:gnome-remote-desktop", "p-cpe:/a:oracle:linux:gnome-session", "p-cpe:/a:oracle:linux:gnome-session-wayland-session", "p-cpe:/a:oracle:linux:gnome-session-xsession", "p-cpe:/a:oracle:linux:gnome-settings-daemon", "p-cpe:/a:oracle:linux:gnome-shell", "p-cpe:/a:oracle:linux:gnome-shell-extension-apps-menu", "p-cpe:/a:oracle:linux:gnome-shell-extension-auto-move-windows", "p-cpe:/a:oracle:linux:gnome-shell-extension-common", "p-cpe:/a:oracle:linux:gnome-shell-extension-dash-to-dock", "p-cpe:/a:oracle:linux:gnome-shell-extension-desktop-icons", "p-cpe:/a:oracle:linux:gnome-shell-extension-disable-screenshield", "p-cpe:/a:oracle:linux:gnome-shell-extension-drive-menu", "p-cpe:/a:oracle:linux:gnome-shell-extension-horizontal-workspaces", "p-cpe:/a:oracle:linux:gnome-shell-extension-launch-new-instance", "p-cpe:/a:oracle:linux:gnome-shell-extension-native-window-placement", "p-cpe:/a:oracle:linux:gnome-shell-extension-no-hot-corner", "p-cpe:/a:oracle:linux:gnome-shell-extension-panel-favorites", "p-cpe:/a:oracle:linux:gnome-shell-extension-places-menu", "p-cpe:/a:oracle:linux:gnome-shell-extension-screenshot-window-sizer", "p-cpe:/a:oracle:linux:gnome-shell-extension-systemmonitor", "p-cpe:/a:oracle:linux:gnome-shell-extension-top-icons", "p-cpe:/a:oracle:linux:gnome-shell-extension-updates-dialog", "p-cpe:/a:oracle:linux:gnome-shell-extension-user-theme", "p-cpe:/a:oracle:linux:gnome-shell-extension-window-grouper", "p-cpe:/a:oracle:linux:gnome-shell-extension-window-list", "p-cpe:/a:oracle:linux:gnome-shell-extension-windowsnavigator", "p-cpe:/a:oracle:linux:gnome-shell-extension-workspace-indicator", "p-cpe:/a:oracle:linux:gnome-terminal", "p-cpe:/a:oracle:linux:gnome-terminal-nautilus", "p-cpe:/a:oracle:linux:gsettings-desktop-schemas", "p-cpe:/a:oracle:linux:gsettings-desktop-schemas-devel", "p-cpe:/a:oracle:linux:gtk-doc", "p-cpe:/a:oracle:linux:gtk-update-icon-cache", "p-cpe:/a:oracle:linux:gtk3", "p-cpe:/a:oracle:linux:gtk3-devel", "p-cpe:/a:oracle:linux:gtk3-immodule-xim", "p-cpe:/a:oracle:linux:gvfs", "p-cpe:/a:oracle:linux:gvfs-afc", "p-cpe:/a:oracle:linux:gvfs-afp", "p-cpe:/a:oracle:linux:gvfs-archive", "p-cpe:/a:oracle:linux:gvfs-client", "p-cpe:/a:oracle:linux:gvfs-devel", "p-cpe:/a:oracle:linux:gvfs-fuse", "p-cpe:/a:oracle:linux:gvfs-goa", "p-cpe:/a:oracle:linux:gvfs-gphoto2", "p-cpe:/a:oracle:linux:gvfs-mtp", "p-cpe:/a:oracle:linux:gvfs-smb", "p-cpe:/a:oracle:linux:libsoup", "p-cpe:/a:oracle:linux:libsoup-devel", "p-cpe:/a:oracle:linux:mutter", "p-cpe:/a:oracle:linux:mutter-devel", "p-cpe:/a:oracle:linux:nautilus", "p-cpe:/a:oracle:linux:nautilus-devel", "p-cpe:/a:oracle:linux:nautilus-extensions", "p-cpe:/a:oracle:linux:pipewire", "p-cpe:/a:oracle:linux:pipewire-devel", "p-cpe:/a:oracle:linux:pipewire-doc", "p-cpe:/a:oracle:linux:pipewire-libs", "p-cpe:/a:oracle:linux:pipewire-utils", "p-cpe:/a:oracle:linux:pipewire0.2-devel", "p-cpe:/a:oracle:linux:pipewire0.2-libs", "p-cpe:/a:oracle:linux:potrace", "p-cpe:/a:oracle:linux:pygobject3-devel", "p-cpe:/a:oracle:linux:python3-gobject", "p-cpe:/a:oracle:linux:python3-gobject-base", "p-cpe:/a:oracle:linux:tracker", "p-cpe:/a:oracle:linux:tracker-devel", "p-cpe:/a:oracle:linux:vte-profile", "p-cpe:/a:oracle:linux:vte291", "p-cpe:/a:oracle:linux:vte291-devel", "p-cpe:/a:oracle:linux:webkit2gtk3", "p-cpe:/a:oracle:linux:webkit2gtk3-devel", "p-cpe:/a:oracle:linux:webkit2gtk3-jsc", "p-cpe:/a:oracle:linux:webkit2gtk3-jsc-devel", "p-cpe:/a:oracle:linux:webrtc-audio-processing", "p-cpe:/a:oracle:linux:xdg-desktop-portal", "p-cpe:/a:oracle:linux:xdg-desktop-portal-gtk"], "id": "ORACLELINUX_ELSA-2020-4451.NASL", "href": "https://www.tenable.com/plugins/nessus/142763", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-4451.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142763);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2020-14391\",\n \"CVE-2020-15503\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"Oracle Linux 8 : GNOME (ELSA-2020-4451)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2020-4451 advisory.\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1,\n iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17,\n iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS\n 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows\n 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,\n iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3\n for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,\n iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for\n Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9806, CVE-2020-9807)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9894)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access\n restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2,\n iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously\n crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when\n user registers through GNOME control center (CVE-2020-14391)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site\n scripting attack. (CVE-2020-9843)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This\n issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for\n Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to\n command injection. (CVE-2020-9862)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS\n 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3,\n iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site\n scripting. (CVE-2020-9925)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp,\n postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example,\n malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-4451.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-command-not-found\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-gstreamer-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-gtk3-module\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dleyna-renderer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:frei0r-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:frei0r-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:frei0r-plugins-opencv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-classic-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-control-center\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-control-center-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-photos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-photos-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-remote-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-session-wayland-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-session-xsession\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-apps-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-auto-move-windows\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-dash-to-dock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-disable-screenshield\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-drive-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-horizontal-workspaces\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-launch-new-instance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-native-window-placement\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-no-hot-corner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-panel-favorites\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-places-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-screenshot-window-sizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-systemMonitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-top-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-updates-dialog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-user-theme\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-window-grouper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-window-list\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-windowsNavigator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-workspace-indicator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-terminal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-terminal-nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gsettings-desktop-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gsettings-desktop-schemas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk-update-icon-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk3-immodule-xim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-afc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-afp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-archive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-fuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-goa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-gphoto2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-mtp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-smb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsoup-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mutter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mutter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nautilus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nautilus-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire0.2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire0.2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:potrace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pygobject3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-gobject-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tracker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tracker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vte-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vte291\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vte291-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webrtc-audio-processing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xdg-desktop-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xdg-desktop-portal-gtk\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'dleyna-renderer-0.6.0-3.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'frei0r-plugins-opencv-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'frei0r-plugins-opencv-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gdm-3.28.3-34.el8', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'gdm-3.28.3-34.el8', 'cpu':'i686', 'release':'8', 'epoch':'1'},\n {'reference':'gdm-3.28.3-34.el8', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'gnome-classic-session-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-control-center-3.28.2-22.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-control-center-3.28.2-22.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-control-center-filesystem-3.28.2-22.el8', 'release':'8'},\n {'reference':'gnome-photos-3.28.1-3.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-photos-tests-3.28.1-3.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-remote-desktop-0.1.8-3.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-remote-desktop-0.1.8-3.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-session-3.28.1-10.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-session-3.28.1-10.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-session-wayland-session-3.28.1-10.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-session-wayland-session-3.28.1-10.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-session-xsession-3.28.1-10.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-session-xsession-3.28.1-10.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-shell-3.32.2-20.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-shell-3.32.2-20.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-shell-extension-apps-menu-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-auto-move-windows-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-common-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-dash-to-dock-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-desktop-icons-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-disable-screenshield-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-drive-menu-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-horizontal-workspaces-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-launch-new-instance-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-native-window-placement-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-no-hot-corner-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-panel-favorites-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-places-menu-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-screenshot-window-sizer-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-systemMonitor-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-top-icons-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-updates-dialog-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-user-theme-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-window-grouper-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-window-list-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-windowsNavigator-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-workspace-indicator-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-terminal-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-terminal-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-terminal-nautilus-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-terminal-nautilus-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-5.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-5.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-5.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gtk-doc-1.28-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gtk-doc-1.28-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gtk-update-icon-cache-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gtk-update-icon-cache-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gtk3-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gtk3-3.22.30-6.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gtk3-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gtk3-devel-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gtk3-devel-3.22.30-6.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gtk3-devel-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gtk3-immodule-xim-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gtk3-immodule-xim-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-1.36.2-10.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gvfs-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-afc-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-afc-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-afp-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-afp-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-archive-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-archive-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-client-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-client-1.36.2-10.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gvfs-client-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-devel-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-devel-1.36.2-10.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gvfs-devel-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-fuse-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-fuse-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-goa-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-goa-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-gphoto2-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-gphoto2-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-mtp-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-mtp-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-smb-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-smb-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'mutter-3.32.2-48.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'mutter-3.32.2-48.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'mutter-3.32.2-48.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'mutter-devel-3.32.2-48.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'mutter-devel-3.32.2-48.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'mutter-devel-3.32.2-48.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'nautilus-3.28.1-14.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'nautilus-3.28.1-14.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'nautilus-3.28.1-14.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'nautilus-devel-3.28.1-14.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'nautilus-devel-3.28.1-14.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'nautilus-devel-3.28.1-14.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'nautilus-extensions-3.28.1-14.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'nautilus-extensions-3.28.1-14.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'nautilus-extensions-3.28.1-14.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-command-not-found-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-command-not-found-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-cron-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-cron-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-glib-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-glib-1.1.12-6.0.1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'PackageKit-glib-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-glib-devel-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-glib-devel-1.1.12-6.0.1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'PackageKit-glib-devel-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-gstreamer-plugin-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-gstreamer-plugin-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.0.1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire-doc-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire-doc-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire-utils-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire-utils-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'potrace-1.15-3.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'potrace-1.15-3.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'potrace-1.15-3.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'vte-profile-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'vte-profile-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'xdg-desktop-portal-1.6.0-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'xdg-desktop-portal-1.6.0-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'xdg-desktop-portal-gtk-1.6.0-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'xdg-desktop-portal-gtk-1.6.0-1.el8', 'cpu':'x86_64', 'release':'8'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-devel / PackageKit / etc');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-28T14:53:17", "description": "The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by multiple vulnerabilities:\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2020-9925)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2021-0059)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2022-05-25T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2021-0059_WEBKIT2GTK3.NASL", "href": "https://www.tenable.com/plugins/nessus/147363", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0059. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147363);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2021-0059)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by\nmultiple vulnerabilities:\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,\n iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,\n iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for\n Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3\n for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8844)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows\n 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This\n issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for\n Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to\n command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access\n restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2,\n iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously\n crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS\n 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3,\n iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site\n scripting. (CVE-2020-9925)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site\n scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17,\n iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS\n 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1,\n iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0059\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL webkit2gtk3 packages. Note that updated packages may not be available yet. Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL MAIN 6.02\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.02');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL MAIN 6.02': [\n 'webkit2gtk3-2.28.4-1.el8',\n 'webkit2gtk3-debuginfo-2.28.4-1.el8',\n 'webkit2gtk3-debugsource-2.28.4-1.el8',\n 'webkit2gtk3-devel-2.28.4-1.el8',\n 'webkit2gtk3-devel-debuginfo-2.28.4-1.el8',\n 'webkit2gtk3-doc-2.28.4-1.el8',\n 'webkit2gtk3-jsc-2.28.4-1.el8',\n 'webkit2gtk3-jsc-debuginfo-2.28.4-1.el8',\n 'webkit2gtk3-jsc-devel-2.28.4-1.el8',\n 'webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'webkit2gtk3');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-27T14:19:25", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4451 advisory.\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2020-9925)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal password. The highest threat from this vulnerability is to confidentiality. (CVE-2020-14391)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : GNOME (ALSA-2020:4451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2020-9952", "CVE-2021-30666", "CVE-2021-30761", "CVE-2021-30762"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:alma:linux:libraw-devel", "p-cpe:/a:alma:linux:packagekit", "p-cpe:/a:alma:linux:packagekit-command-not-found", "p-cpe:/a:alma:linux:packagekit-cron", "p-cpe:/a:alma:linux:packagekit-glib", "p-cpe:/a:alma:linux:packagekit-glib-devel", "p-cpe:/a:alma:linux:packagekit-gstreamer-plugin", "p-cpe:/a:alma:linux:packagekit-gtk3-module", "p-cpe:/a:alma:linux:dleyna-renderer", "p-cpe:/a:alma:linux:frei0r-devel", "p-cpe:/a:alma:linux:frei0r-plugins", "p-cpe:/a:alma:linux:frei0r-plugins-opencv", "p-cpe:/a:alma:linux:gnome-remote-desktop", "p-cpe:/a:alma:linux:gsettings-desktop-schemas", "p-cpe:/a:alma:linux:gtk-doc", "p-cpe:/a:alma:linux:gvfs", "p-cpe:/a:alma:linux:libsoup", "p-cpe:/a:alma:linux:libsoup-devel", "p-cpe:/a:alma:linux:mutter-devel", "p-cpe:/a:alma:linux:nautilus", "p-cpe:/a:alma:linux:nautilus-devel", "p-cpe:/a:alma:linux:pipewire", "p-cpe:/a:alma:linux:pipewire-devel", "p-cpe:/a:alma:linux:pipewire-doc", "p-cpe:/a:alma:linux:pipewire-libs", "p-cpe:/a:alma:linux:pipewire-utils", "p-cpe:/a:alma:linux:pipewire0.2-devel", "p-cpe:/a:alma:linux:pipewire0.2-libs", "p-cpe:/a:alma:linux:potrace", "p-cpe:/a:alma:linux:pygobject3-devel", "p-cpe:/a:alma:linux:python3-gobject", "p-cpe:/a:alma:linux:python3-gobject-base", "p-cpe:/a:alma:linux:tracker", "p-cpe:/a:alma:linux:tracker-devel", "p-cpe:/a:alma:linux:vte-profile", "p-cpe:/a:alma:linux:vte291", "p-cpe:/a:alma:linux:vte291-devel", "p-cpe:/a:alma:linux:webrtc-audio-processing", "p-cpe:/a:alma:linux:xdg-desktop-portal-gtk", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2020-4451.NASL", "href": "https://www.tenable.com/plugins/nessus/157689", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2020:4451.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157689);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-9952\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2020-14391\",\n \"CVE-2020-15503\",\n \"CVE-2021-30666\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\"\n );\n script_xref(name:\"ALSA\", value:\"2020:4451\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"AlmaLinux 8 : GNOME (ALSA-2020:4451)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2020:4451 advisory.\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1,\n iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,\n iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3\n for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,\n iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for\n Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17,\n iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS\n 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows\n 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site\n scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This\n issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for\n Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to\n command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access\n restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2,\n iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously\n crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS\n 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3,\n iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site\n scripting. (CVE-2020-9925)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\n - A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it\n improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME\n Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal\n password. The highest threat from this vulnerability is to confidentiality. (CVE-2020-14391)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp,\n postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example,\n malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2020-4451.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-command-not-found\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-gstreamer-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-gtk3-module\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dleyna-renderer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:frei0r-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:frei0r-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:frei0r-plugins-opencv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-remote-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gsettings-desktop-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsoup-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mutter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nautilus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire0.2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire0.2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:potrace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pygobject3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-gobject-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:tracker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:tracker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vte-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vte291\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vte291-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:webrtc-audio-processing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:xdg-desktop-portal-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'dleyna-renderer-0.6.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-opencv-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-remote-desktop-0.1.8-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-doc-1.28-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-1.36.2-10.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-48.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-48.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-3.28.1-14.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-devel-3.28.1-14.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-devel-3.28.1-14.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-command-not-found-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-cron-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-devel-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-devel-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gstreamer-plugin-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-doc-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-utils-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-1.15-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-1.15-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte-profile-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xdg-desktop-portal-gtk-1.6.0-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw-devel / PackageKit / PackageKit-command-not-found / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-28T14:36:06", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4451 advisory.\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625, CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8710, CVE-2019-8720, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835, CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)\n\n - LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\n - webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9802, CVE-2020-9850)\n\n - webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9803, CVE-2020-9806, CVE-2020-9807)\n\n - webkitgtk: Logic issue may lead to cross site scripting (CVE-2020-9805)\n\n - webkitgtk: Input validation issue may lead to cross site scripting (CVE-2020-9843)\n\n - webkitgtk: Command injection in web inspector (CVE-2020-9862)\n\n - webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9893, CVE-2020-9895)\n\n - webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution (CVE-2020-9894)\n\n - webkitgtk: Access issue in content security policy (CVE-2020-9915)\n\n - webkitgtk: A logic issue may lead to cross site scripting (CVE-2020-9925)\n\n - webkitgtk: input validation issue may lead to a cross site scripting (CVE-2020-9952)\n\n - webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2021-30666)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30761)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30762)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-04T00:00:00", "type": "nessus", "title": "RHEL 8 : GNOME (RHSA-2020:4451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2020-9952", "CVE-2021-30666", "CVE-2021-30761", "CVE-2021-30762"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:libraw", "p-cpe:/a:redhat:enterprise_linux:libraw-devel", "p-cpe:/a:redhat:enterprise_linux:gnome-settings-daemon", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-devel", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc-devel"], "id": "REDHAT-RHSA-2020-4451.NASL", "href": "https://www.tenable.com/plugins/nessus/142418", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4451. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142418);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2020-14391\",\n \"CVE-2020-15503\"\n );\n script_xref(name:\"RHSA\", value:\"2020:4451\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"RHEL 8 : GNOME (RHSA-2020:4451)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:4451 advisory.\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625,\n CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8710,\n CVE-2019-8720, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812,\n CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835,\n CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when\n user registers through GNOME control center (CVE-2020-14391)\n\n - LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\n - webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9802, CVE-2020-9850)\n\n - webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9803, CVE-2020-9806,\n CVE-2020-9807)\n\n - webkitgtk: Logic issue may lead to cross site scripting (CVE-2020-9805)\n\n - webkitgtk: Input validation issue may lead to cross site scripting (CVE-2020-9843)\n\n - webkitgtk: Command injection in web inspector (CVE-2020-9862)\n\n - webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9893,\n CVE-2020-9895)\n\n - webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution\n (CVE-2020-9894)\n\n - webkitgtk: Access issue in content security policy (CVE-2020-9915)\n\n - webkitgtk: A logic issue may lead to cross site scripting (CVE-2020-9925)\n\n - webkitgtk: input validation issue may lead to a cross site scripting (CVE-2020-9952)\n\n - webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2021-30666)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30761)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30762)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8710\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8764\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8769\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8783\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8814\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8816\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8819\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8835\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3899\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9806\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9915\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14391\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15503\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4451\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1811721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1816678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1816684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1816686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1829369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1853477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1873093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876468\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876470\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876472\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876473\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876522\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876537\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876548\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876550\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876553\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876554\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876556\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876590\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876591\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879538\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879541\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879557\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879559\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901219\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986898\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 77, 79, 119, 120, 125, 284, 400, 416, 522, 841);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'sp':'4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'sp':'4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'sp':'6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'sp':'6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'sp':'6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'sp':'6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-devel / gnome-settings-daemon / webkit2gtk3 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T13:32:46", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4451 advisory.\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues. (CVE-2019-8720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal password. The highest threat from this vulnerability is to confidentiality. (CVE-2020-14391)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2020-9925)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-06T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : GNOME (RLSA-2020:4451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2020-9952", "CVE-2021-30666", "CVE-2021-30761", "CVE-2021-30762"], "modified": "2023-11-07T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:libraw-devel", "p-cpe:/a:rocky:linux:packagekit-glib", "p-cpe:/a:rocky:linux:dleyna-renderer-debugsource", "p-cpe:/a:rocky:linux:frei0r-plugins-opencv", "p-cpe:/a:rocky:linux:gnome-remote-desktop-debuginfo", "p-cpe:/a:rocky:linux:pipewire-doc", "p-cpe:/a:rocky:linux:python3-gobject-base-debuginfo", "p-cpe:/a:rocky:linux:libsoup-debuginfo", "p-cpe:/a:rocky:linux:libsoup-debugsource", "p-cpe:/a:rocky:linux:webrtc-audio-processing-debugsource", "p-cpe:/a:rocky:linux:gnome-session-wayland-session", "p-cpe:/a:rocky:linux:potrace-debugsource", "p-cpe:/a:rocky:linux:dleyna-renderer", "p-cpe:/a:rocky:linux:pipewire", "p-cpe:/a:rocky:linux:pipewire-utils", "p-cpe:/a:rocky:linux:python3-gobject-debuginfo", "p-cpe:/a:rocky:linux:xdg-desktop-portal-gtk", "p-cpe:/a:rocky:linux:packagekit", "p-cpe:/a:rocky:linux:packagekit-command-not-found", "p-cpe:/a:rocky:linux:frei0r-plugins-opencv-debuginfo", "p-cpe:/a:rocky:linux:gsettings-desktop-schemas", "p-cpe:/a:rocky:linux:pipewire-debuginfo", "p-cpe:/a:rocky:linux:python3-gobject", "p-cpe:/a:rocky:linux:gtk3-debugsource", "p-cpe:/a:rocky:linux:gtk3-devel-debuginfo", "p-cpe:/a:rocky:linux:libsoup", "p-cpe:/a:rocky:linux:pipewire-debugsource", "p-cpe:/a:rocky:linux:pipewire-libs", "p-cpe:/a:rocky:linux:tracker-devel", "p-cpe:/a:rocky:linux:packagekit-glib-debuginfo", "p-cpe:/a:rocky:linux:frei0r-devel", "p-cpe:/a:rocky:linux:frei0r-plugins-debuginfo", "p-cpe:/a:rocky:linux:tracker-debuginfo", "p-cpe:/a:rocky:linux:packagekit-debugsource", "p-cpe:/a:rocky:linux:packagekit-gstreamer-plugin", "p-cpe:/a:rocky:linux:gsettings-desktop-schemas-devel", "p-cpe:/a:rocky:linux:gtk-update-icon-cache", "p-cpe:/a:rocky:linux:gtk3-immodule-xim-debuginfo", "p-cpe:/a:rocky:linux:pipewire-devel", "p-cpe:/a:rocky:linux:vte291-debugsource", "p-cpe:/a:rocky:linux:packagekit-gtk3-module-debuginfo", "p-cpe:/a:rocky:linux:gnome-session-xsession", "p-cpe:/a:rocky:linux:gtk3-immodule-xim", "p-cpe:/a:rocky:linux:pipewire0.2-libs-debuginfo", "p-cpe:/a:rocky:linux:python3-gobject-base", "p-cpe:/a:rocky:linux:packagekit-glib-devel", "p-cpe:/a:rocky:linux:gnome-session", "p-cpe:/a:rocky:linux:gtk3", "p-cpe:/a:rocky:linux:pipewire0.2-libs", "p-cpe:/a:rocky:linux:vte291-devel", "p-cpe:/a:rocky:linux:gnome-remote-desktop-debugsource", "p-cpe:/a:rocky:linux:gtk3-debuginfo", "p-cpe:/a:rocky:linux:potrace", "p-cpe:/a:rocky:linux:vte-profile", "p-cpe:/a:rocky:linux:vte291-debuginfo", "p-cpe:/a:rocky:linux:packagekit-command-not-found-debuginfo", "p-cpe:/a:rocky:linux:packagekit-debuginfo", "p-cpe:/a:rocky:linux:frei0r-plugins-debugsource", "p-cpe:/a:rocky:linux:gnome-session-debuginfo", "p-cpe:/a:rocky:linux:pygobject3-debuginfo", "p-cpe:/a:rocky:linux:tracker", "p-cpe:/a:rocky:linux:webrtc-audio-processing", "p-cpe:/a:rocky:linux:webrtc-audio-processing-debuginfo", "p-cpe:/a:rocky:linux:libraw", "p-cpe:/a:rocky:linux:packagekit-gstreamer-plugin-debuginfo", "p-cpe:/a:rocky:linux:pipewire0.2-debugsource", "p-cpe:/a:rocky:linux:dleyna-renderer-debuginfo", "p-cpe:/a:rocky:linux:gtk-update-icon-cache-debuginfo", "p-cpe:/a:rocky:linux:gtk3-devel", "p-cpe:/a:rocky:linux:libsoup-devel", "p-cpe:/a:rocky:linux:pipewire-utils-debuginfo", "p-cpe:/a:rocky:linux:packagekit-gtk3-module", "p-cpe:/a:rocky:linux:gnome-session-debugsource", "p-cpe:/a:rocky:linux:pipewire0.2-devel", "p-cpe:/a:rocky:linux:vte291", "p-cpe:/a:rocky:linux:vte291-devel-debuginfo", "p-cpe:/a:rocky:linux:xdg-desktop-portal-gtk-debugsource", "p-cpe:/a:rocky:linux:libraw-debuginfo", "p-cpe:/a:rocky:linux:libraw-debugsource", "p-cpe:/a:rocky:linux:packagekit-cron", "p-cpe:/a:rocky:linux:frei0r-plugins", "p-cpe:/a:rocky:linux:gnome-remote-desktop", "p-cpe:/a:rocky:linux:pipewire-libs-debuginfo", "p-cpe:/a:rocky:linux:potrace-debuginfo", "p-cpe:/a:rocky:linux:pygobject3-debugsource", "p-cpe:/a:rocky:linux:pygobject3-devel", "p-cpe:/a:rocky:linux:tracker-debugsource", "p-cpe:/a:rocky:linux:xdg-desktop-portal-gtk-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2020-4451.NASL",

About the security content of watchOS 6.1

Description

Affected Software

Related