Lucene search
AppleCVELIST:CVE-2020-9901HistoryOct 22, 2020 - 6:03 p.m.
CVE-2020-9901
2020-10-2218:03:51
apple
www.cve.org
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A local attacker may be able to elevate their privileges.
CNA Affected
[
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 13.6 and iPadOS 13.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Catalina 10.15.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 13.4.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2020-9901
2020-10-22 19:15:14
nvd
nvd
CVE-2020-9901
2020-10-22 19:15:14
prion
prion
Path traversal
2020-10-22 19:15:00
apple
apple
About the security content of tvOS 13.4.8 - Apple Support
2020-12-15 05:58:45
About the security content of tvOS 13.4.8
2020-07-15 00:00:00
About the security content of iOS 13.6 and iPadOS 13.6 - Apple Support
2020-12-15 05:18:44
nessus
nessus