CVE-2019-8668: Input Validation
First published: Mon Jul 22 2019(Updated: )
Image Processing. A denial of service issue was addressed with improved validation.
Credit: an anonymous researcher an anonymous researcher an anonymous researcher product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPhone OS | <12.4 | |
| Apple tvOS | <12.4 | |
| Apple watchOS | <5.3 | |
| Apple tvOS | <12.4 | 12.4 |
| Apple watchOS | <5.3 | 5.3 |
| Apple iOS | <12.4 | 12.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT210346 (Advisory)
- https://support.apple.com/en-us/HT210351 (Advisory)
- https://support.apple.com/en-us/HT210353 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-9506
- CVE-2020-10135
- CVE-2019-8646
- CVE-2019-8647
- CVE-2019-8660
- CVE-2019-8624
- CVE-2019-8648
- CVE-2018-16860
- CVE-2019-8668
- CVE-2019-8633
- CVE-2019-13118
- CVE-2019-8659
- CVE-2019-8665
- CVE-2019-8662
- CVE-2019-8657
- CVE-2019-8682
- CVE-2019-8658
- CVE-2019-8669
- CVE-2019-8672
- CVE-2019-8676
- CVE-2019-8683
- CVE-2019-8684
- CVE-2019-8685
- CVE-2019-8688
- CVE-2019-8689
- CVE-2019-8702
- CVE-2019-8698
- CVE-2019-8690
- CVE-2019-8649
- CVE-2019-8644
- CVE-2019-8666
- CVE-2019-8671
- CVE-2019-8673
- CVE-2019-8677
- CVE-2019-8678
- CVE-2019-8679
- CVE-2019-8680
- CVE-2019-8681
- CVE-2019-8686
- CVE-2019-8687
- CVE-2019-8663
- CVE-2019-8699
Frequently Asked Questions
What is CVE-2019-8668?
CVE-2019-8668 is a vulnerability that allows an attacker to cause a denial of service by processing a maliciously crafted image.
How can I fix CVE-2019-8668?
To fix CVE-2019-8668, update your Apple devices to iOS 12.4, tvOS 12.4, or watchOS 5.3.
What is the severity of CVE-2019-8668?
The severity of CVE-2019-8668 is medium with a CVSS score of 5.5.
Which Apple products are affected by CVE-2019-8668?
CVE-2019-8668 affects iOS, tvOS, and watchOS devices. Specifically, iOS versions up to but not including 12.4, tvOS up to but not including 12.4, and watchOS up to but not including 5.3.
Is there any additional information about CVE-2019-8668?
Additional information about CVE-2019-8668 can be found on Apple's support page.
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/event
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple watchos
- canonical/apple iphone os
- canonical/apple tvos
- canonical/apple ios