CVE-2020-3847

Published: Apr 1, 2020Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to leak memory.

Affected (1)

Products: Apple: Mac Os X

Apple

1 product

Mac Os X

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Before 10.15.3

Related CWEs

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://support.apple.com/HT210919

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/HT210919

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.