CVE-2019-8789

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information.
References
Link Resource
https://support.apple.com/HT210721 Vendor Advisory
https://support.apple.com/HT210722 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-12-18 18:15

Updated : 2024-02-28 17:28


NVD link : CVE-2019-8789

Mitre link : CVE-2019-8789

CVE.ORG link : CVE-2019-8789


JSON object : View

Products Affected

apple

  • mac_os_x
  • iphone_os
  • ipados
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')