Lucene search

Ubuntu.comUB:CVE-2020-9794

HistoryJun 09, 2020 - 12:00 a.m.

CVE-2020-9794

2020-06-0900:00:00

ubuntu.com

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

EPSS

0.005

Percentile

76.9%

JSON

An out-of-bounds read was addressed with improved bounds checking. This
issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS
13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2,
iCloud for Windows 7.19. A malicious application may cause a denial of
service or potentially disclose memory contents.

Notes

Author	Note
mdeslaur	This may be an Apple-specific CVE, as of 2022-09-14, no details are available as to what the vulnerability is. Marking Ubuntu as not-affected.

OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchsqlite< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	16.04	noarch	sqlite	< any	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2020-9794

nvd.nist.gov/vuln/detail/CVE-2020-9794

security-tracker.debian.org/tracker/CVE-2020-9794

www.cve.org/CVERecord?id=CVE-2020-9794

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

EPSS

0.005

Percentile

76.9%

JSON

Related for UB:CVE-2020-9794