2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2020-29610" ,
"sourceIdentifier" : "product-security@apple.com" ,
"published" : "2021-04-02T18:15:17.170" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T05:24:18.707" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted audio file may disclose restricted memory."
} ,
{
"lang" : "es" ,
"value" : "Se abord\u00f3 una lectura fuera de l\u00edmites con una comprobaci\u00f3n de la entrada mejorada. Este problema es corregido en watchOS versi\u00f3n 7.2, macOS Big Sur versi\u00f3n 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS versi\u00f3n 14.3 y iPadOS versi\u00f3n 14.3, tvOS versi\u00f3n 14.3. El procesamiento de un archivo de audio dise\u00f1ado malicioso puede divulgar una memoria restringida."
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 5.5 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "LOCAL" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "REQUIRED" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 1.8 ,
"impactScore" : 3.6
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.3 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-125"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "14.3" ,
"matchCriteriaId" : "0D8BA3D3-D515-4592-9805-E7B3C17343AF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "14.3" ,
"matchCriteriaId" : "8B16DB0D-3DD4-492A-9D99-670C7B6136EA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "10.14" ,
"versionEndExcluding" : "10.14.6" ,
"matchCriteriaId" : "6DE2B03F-94EE-4E32-B366-FE31A7031403"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "10.15" ,
"versionEndExcluding" : "10.15.7" ,
"matchCriteriaId" : "DB8A73F8-3074-4B32-B9F6-343B6B1988C5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "693E7DAE-BBF0-4D48-9F8A-20DDBD4AAC0C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*" ,
"matchCriteriaId" : "CFE26ECC-A2C2-4501-9950-510DE0E1BD86"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*" ,
"matchCriteriaId" : "26108BEF-0847-4AB0-BD98-35344DFA7835"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*" ,
"matchCriteriaId" : "0D5D1970-6D2A-42CA-A203-42023D71730D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*" ,
"matchCriteriaId" : "C68AE52B-5139-40A4-AE9A-E752DBF07D1B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*" ,
"matchCriteriaId" : "0FD3467D-7679-479F-9C0B-A93F7CD0929D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*" ,
"matchCriteriaId" : "D4C6098E-EDBD-4A85-8282-B2E9D9333872"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*" ,
"matchCriteriaId" : "518BB47B-DD76-4E8C-9F10-7EBC1E146191"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*" ,
"matchCriteriaId" : "63940A55-D851-46EB-9668-D82BEFC1FE95"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*" ,
"matchCriteriaId" : "68C7A97A-3801-44FA-96CA-10298FA39883"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*" ,
"matchCriteriaId" : "6D69914D-46C7-4A0E-A075-C863C1692D33"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*" ,
"matchCriteriaId" : "2C88BD98-46F5-447F-963A-FB9B167E31BE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*" ,
"matchCriteriaId" : "C7A0615B-D958-4BBF-B53F-AA839A0FE845"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "A654B8A2-FC30-4171-B0BB-366CD7ED4B6A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*" ,
"matchCriteriaId" : "C1C795B9-E58D-467C-83A8-2D45C792292F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "11.0" ,
"versionEndExcluding" : "11.1.0" ,
"matchCriteriaId" : "99A75B7B-602D-402C-8CCD-4AE194F00214"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "14.3" ,
"matchCriteriaId" : "24E35E29-5575-4EEB-B8A6-D333149E4B3F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.2" ,
"matchCriteriaId" : "EBB77299-35F0-4730-9853-D939C77E3FBE"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://support.apple.com/en-us/HT212003" ,
"source" : "product-security@apple.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://support.apple.com/en-us/HT212005" ,
"source" : "product-security@apple.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://support.apple.com/en-us/HT212009" ,
"source" : "product-security@apple.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://support.apple.com/en-us/HT212011" ,
"source" : "product-security@apple.com" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://support.apple.com/en-us/HT212003" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://support.apple.com/en-us/HT212005" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://support.apple.com/en-us/HT212009" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://support.apple.com/en-us/HT212011" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
