What is the vulnerability ID of this issue?

The vulnerability ID is CVE-2019-8736.

What is the severity of CVE-2019-8736?

The severity is medium with a CVSS score of 6.5.

Which software versions are affected by CVE-2019-8736?

The affected software versions are macOS Catalina up to and including 10.15, and macOS Catalina 10.15.1 (up to but not including).

Vulnerability/
CVE-2019-8736

medium

6.5

CWE

7/10/2019

27/10/2020

21/7/2021

CVE-2019-8736: Input Validation

Q: Does Apple provide a fix for CVE-2019-8736?

Yes, Apple has fixed this issue in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006.

First published: Mon Oct 07 2019(Updated: )

An input validation issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. An attacker in a privileged network position may be able to leak sensitive user information.

Credit: product-security@apple.com Pawel Gocyla ING Tech PolandPawel Gocyla ING Tech Poland

Affected Software	Affected Version	How to fix
Apple Mac OS X	<10.15
Apple macOS Catalina	<10.15	10.15
Apple macOS Catalina	<10.15.1	10.15.1

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT210634 (Advisory)
https://support.apple.com/en-us/HT210722 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2019-8748
CVE-2019-11041
CVE-2019-11042
CVE-2019-8706
CVE-2019-8850
CVE-2019-8774
CVE-2019-8753
CVE-2019-8705
CVE-2019-8592
CVE-2019-8741
CVE-2019-8825
CVE-2019-8757
CVE-2019-8736
CVE-2019-8767
CVE-2019-8737
CVE-2019-8776
CVE-2019-8509
CVE-2019-8746
CVE-2018-12152
CVE-2018-12153
CVE-2018-12154
CVE-2019-8759
CVE-2019-8758
CVE-2019-8755
CVE-2019-8703
CVE-2019-8809
CVE-2019-8744
CVE-2019-8717
CVE-2019-8709
CVE-2019-8781
CVE-2019-8749
CVE-2019-8756
CVE-2019-8750
CVE-2019-8799
CVE-2019-8826
CVE-2019-8730
CVE-2019-8772
CVE-2019-8708
CVE-2019-8715
CVE-2019-8855
CVE-2019-8770
CVE-2019-8701
CVE-2019-8761
CVE-2019-8745
CVE-2019-8831
CVE-2019-8769
CVE-2019-8768
CVE-2019-8854
CVE-2019-8787
CVE-2019-8796
CVE-2019-8824
CVE-2019-8803
CVE-2019-8817
CVE-2019-8716
CVE-2019-8788
CVE-2019-8785
CVE-2019-8797
CVE-2019-8789
CVE-2017-7152
CVE-2019-8798
CVE-2019-8784
CVE-2019-8807
CVE-2019-8801
CVE-2019-8794
CVE-2019-8786
CVE-2019-8829
CVE-2019-8802
CVE-2019-8858
CVE-2019-8805
CVE-2019-8754
CVE-2019-15126

Frequently Asked Questions

What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2019-8736.
What is the severity of CVE-2019-8736?
The severity is medium with a CVSS score of 6.5.
Which software versions are affected by CVE-2019-8736?
The affected software versions are macOS Catalina up to and including 10.15, and macOS Catalina 10.15.1 (up to but not including).
How can an attacker exploit CVE-2019-8736?
An attacker in a privileged network position may be able to leak sensitive user information.
Does Apple provide a fix for CVE-2019-8736?
Yes, Apple has fixed this issue in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006.

collector/nvd-index
collector/apple-support
vendor/apple
canonical/apple mac os x
canonical/apple macos catalina

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.