Apple macOS XML use after free

A vulnerability has been found in Apple macOS (Operating System) (the affected version is unknown) and classified as critical. This vulnerability affects an unknown function of the component XML Handler. Upgrading eliminates this vulnerability.

Field	04/03/2021 10:39 AM	04/08/2021 03:26 PM
vendor	Apple	Apple
name	macOS	macOS
component	XML Handler	XML Handler
cwe	416 (memory corruption)	416 (memory corruption)
risk	2	2
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	R	R
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	L	L
cvss3_vuldb_a	L	L
cvss3_vuldb_rl	O	O
cvss3_vuldb_rc	C	C
name	Upgrade	Upgrade
cve	CVE-2020-9926	CVE-2020-9926
date	1617400800 (04/03/2021)	1617400800 (04/03/2021)
type	Operating System	Operating System
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	L	L
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	P	P
cvss2_vuldb_rc	C	C
cvss2_vuldb_rl	OF	OF
cvss2_vuldb_e	ND	ND
cvss3_vuldb_e	X	X
cvss2_vuldb_basescore	7.5	7.5
cvss2_vuldb_tempscore	7.5	6.5
cvss3_vuldb_basescore	6.3	6.3
cvss3_vuldb_tempscore	6.3	6.0
cvss3_meta_basescore	6.3	6.3
cvss3_meta_tempscore	6.3	6.0
price_0day	$5k-$25k	$5k-$25k
price_trend	+	+
cve_assigned		1583103600
cve_nvd_summary		A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, iCloud for Windows 7.20, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!