MEDIUM🇵🇱 Wersja polska

CVE-2019-7289

CVSS 5.5v3.1pub. 2019-12-18upd. 2024-11-21

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view senstive user information.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Apple Shortcuts

    APP
    Apple
    < 2.1.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2019-7290CRITICAL10.0ten sam produkt

An access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for...

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-43300CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu

CVE-2025-31200CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Apple — memory corruption (RCE) w przetwarzaniu strumieni audio

CVE-2025-31201CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach