Home > Vulnerability Database > CVE-2020-9894

Mend.io Vulnerability Database

CVE-2020-9894

Date: October 16, 2020

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

Severity Score

4.3

Related Resources (13)

Url: https://access.redhat.com/security/cve/CVE-2020-9894

Url: https://security.alpinelinux.org/vuln/CVE-2020-9894

Url: https://support.apple.com/HT211288

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2020-9894

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-9894

Url: https://support.apple.com/HT211295

Url: https://security-tracker.debian.org/tracker/CVE-2020-9894

Url: https://support.apple.com/HT211294

Url: https://support.apple.com/HT211293

Url: https://support.apple.com/HT211292

Url: https://support.apple.com/HT211291

Url: https://support.apple.com/HT211290

Url: https://www.mend.io/vulnerability-database/CVE-2020-9894

Severity Score

4.3

Weakness Type (CWE)

Out-of-bounds Read

CWE-125

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2020-9894

Date: October 16, 2020

Severity Score

Related Resources (13)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?