"-Synchronized-Data."

2025-06-10 02:04:31 +00:00 · 2020-12-08 20:02:57 +00:00 · 2020-12-08 20:02:57 +00:00 · 317829617f
commit 317829617f
parent 15ca44bf1f
2 changed files with 160 additions and 6 deletions
--- a/2020/10xxx/CVE-2020-10003.json
+++ b/2020/10xxx/CVE-2020-10003.json
@ -4,14 +4,107 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2020-10003",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "product-security@apple.com",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Apple",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "watchOS",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_value": "7.1"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "iOS and iPadOS",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_value": "14.2"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "tvOS",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_value": "14.2"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "macOS",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_value": "11.0"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "A local attacker may be able to elevate \u00a0their privileges"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "url": "https://support.apple.com/en-us/HT211931",
+                "name": "https://support.apple.com/en-us/HT211931"
+            },
+            {
+                "refsource": "MISC",
+                "url": "https://support.apple.com/en-us/HT211928",
+                "name": "https://support.apple.com/en-us/HT211928"
+            },
+            {
+                "refsource": "MISC",
+                "url": "https://support.apple.com/en-us/HT211929",
+                "name": "https://support.apple.com/en-us/HT211929"
+            },
+            {
+                "refsource": "MISC",
+                "url": "https://support.apple.com/en-us/HT211930",
+                "name": "https://support.apple.com/en-us/HT211930"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges."
            }
        ]
    }
--- a/2020/10xxx/CVE-2020-10011.json
+++ b/2020/10xxx/CVE-2020-10011.json
@ -4,14 +4,75 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2020-10011",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "product-security@apple.com",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Apple",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "macOS",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_value": "10.15"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "macOS",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_value": "14.2"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "url": "https://support.apple.com/en-us/HT211849",
+                "name": "https://support.apple.com/en-us/HT211849"
+            },
+            {
+                "refsource": "MISC",
+                "url": "https://support.apple.com/en-us/HT211929",
+                "name": "https://support.apple.com/en-us/HT211929"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution."
            }
        ]
    }