CVE-2020-3880

Summary

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Processing a maliciously crafted image may lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOSunspecified < 13.3affected
ApplemacOSunspecified < 10.15affected
ApplemacOSunspecified < 13.3affected
ApplemacOSunspecified < 6.1affected

Weaknesses

  • Processing a maliciously crafted image may lead to arbitrary code execution

ADP Enrichment

CVE Program Container

Additional References

References