CVE-2019-8722: Input Validation
First published: Fri Sep 20 2019(Updated: )
ld64. Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4.
Credit: product-security@apple.com Pan ZhenPeng Qihoo 360 Nirvan TeamPan ZhenPeng Qihoo 360 Nirvan TeamPan ZhenPeng Qihoo 360 Nirvan TeamPan ZhenPeng Qihoo 360 Nirvan Team
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Xcode | <11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID for ld64 vulnerability?
The vulnerability ID for ld64 vulnerability is CVE-2019-8722.
What is the severity level of CVE-2019-8722?
The severity level of CVE-2019-8722 is critical.
How can this vulnerability be exploited?
This vulnerability can be exploited by compiling code without proper input validation, potentially leading to arbitrary code execution with user privilege.
Which versions of Xcode are affected by CVE-2019-8722?
Xcode versions up to and excluding 11.0 are affected by CVE-2019-8722.
How can I fix CVE-2019-8722?
To fix CVE-2019-8722, update Xcode to version 11.0 or later.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/author
- agent/last-modified-date
- agent/severity
- agent/event
- agent/description
- agent/trending
- agent/source
- agent/tags
- collector/apple-support
- alias/CVE-2019-8722
- alias/CVE-2019-8723
- alias/CVE-2019-8724
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/apple xcode