MEDIUM🇬🇧 English

CVE-2019-8790

CVSS 5.5v3.1pub. 2020-10-27upd. 2024-11-21

This issue was addresses by updating incorrect URLSession file descriptors management logic to match Swift 5.0. This issue is fixed in Swift 5.1.1 for Ubuntu. Incorrect management of file descriptors in URLSession could lead to inadvertent data disclosure.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Apple Swift

    APP
    Apple
    < 5.1.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-1642HIGH7.5ten sam produkt

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially ...

CVE-2020-9861HIGH7.5ten sam produkt

A stack overflow issue existed in Swift for Linux. The issue was addressed with improved input validation for ...

CVE-2018-4220HIGH8.8ten sam produkt

An issue was discovered in certain Apple products. Swift before 4.1.1 Security Update 2018-001 is affected. Th...

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-43300CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu