A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. A malicious mail server may overwrite arbitrary mail files.
References
Link | Resource |
---|---|
https://support.apple.com/kb/HT211288 | Vendor Advisory |
https://support.apple.com/kb/HT211289 | Vendor Advisory |
https://support.apple.com/kb/HT211291 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
09 Jan 2023, 16:41
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* | |
First Time |
Apple ipados
|
Information
Published : 2020-10-22 19:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-9920
Mitre link : CVE-2020-9920
CVE.ORG link : CVE-2020-9920
JSON object : View
Products Affected
apple
- iphone_os
- mac_os_x
- watchos
- ipados
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')