What is CVE-2019-8749?

CVE-2019-8749 is a vulnerability that involves multiple memory corruption issues in libxml2, which have been addressed with improved input validation.

What is the severity of CVE-2019-8749?

The severity of CVE-2019-8749 is critical with a severity value of 9.8.

Which software versions are affected by CVE-2019-8749?

CVE-2019-8749 affects macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, Security Update 2019-006, watchOS 6, and iTunes 12.10.1.

How can I fix CVE-2019-8749?

To fix CVE-2019-8749, update your software to the following versions: macOS Catalina 10.15.1, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, Security Update 2019-006, watchOS 6, and iTunes 12.10.1.

Where can I find more information about CVE-2019-8749?

You can find more information about CVE-2019-8749 on the Apple support website: [link](https://support.apple.com/en-us/HT210722).

Vulnerability/
CVE-2019-8749

critical

9.8

CWE

20 787

19/9/2019

27/10/2020

21/7/2021

CVE-2019-8749: Input Validation

First published: Thu Sep 19 2019(Updated: )

libxml2. Multiple memory corruption issues were addressed with improved input validation.

Credit: found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iCloud for Windows	<10.7	10.7
Apple iCloud for Windows	<7.14	7.14
Apple iTunes for Windows	<12.10.1	12.10.1
Apple macOS Catalina	<10.15	10.15
Apple macOS Catalina	<10.15.1	10.15.1
Apple watchOS	<6	6
Apple tvOS	<13	13
Apple iOS	<13	13
Apple Icloud Windows	<7.14
Apple Icloud Windows	>=10.0<10.7
Apple Itunes Windows	<12.10.1
Apple Safari	<13.0.1
Apple iPhone OS	<13.0
Apple tvOS	<13
Apple watchOS	<6.0

Never miss a vulnerability like this again

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2019-8741
CVE-2019-8825
CVE-2019-8746
CVE-2019-8749
CVE-2019-8756
CVE-2019-8745
CVE-2019-8625
CVE-2019-8719
CVE-2019-8764
CVE-2019-8707
CVE-2019-8726
CVE-2019-8728
CVE-2019-8733
CVE-2019-8734
CVE-2019-8735
CVE-2019-8743
CVE-2019-8751
CVE-2019-8752
CVE-2019-8763
CVE-2019-8765
CVE-2019-8773
CVE-2019-8762
CVE-2019-8750
CVE-2019-8710
CVE-2019-8766
CVE-2019-8748
CVE-2019-11041
CVE-2019-11042
CVE-2019-8706
CVE-2019-8850
CVE-2019-8774
CVE-2019-8753
CVE-2019-8705
CVE-2019-8592
CVE-2019-8757
CVE-2019-8736
CVE-2019-8767
CVE-2019-8737
CVE-2019-8776
CVE-2019-8509
CVE-2018-12152
CVE-2018-12153
CVE-2018-12154
CVE-2019-8759
CVE-2019-8758
CVE-2019-8755
CVE-2019-8703
CVE-2019-8809
CVE-2019-8744
CVE-2019-8717
CVE-2019-8709
CVE-2019-8781
CVE-2019-8799
CVE-2019-8826
CVE-2019-8730
CVE-2019-8772
CVE-2019-8708
CVE-2019-8715
CVE-2019-8855
CVE-2019-8770
CVE-2019-8701
CVE-2019-8761
CVE-2019-8831
CVE-2019-8769
CVE-2019-8768
CVE-2019-8854
CVE-2019-8787
CVE-2019-8796
CVE-2019-8824
CVE-2019-8803
CVE-2019-8817
CVE-2019-8716
CVE-2019-8788
CVE-2019-8785
CVE-2019-8797
CVE-2019-8789
CVE-2017-7152
CVE-2019-8798
CVE-2019-8784
CVE-2019-8807
CVE-2019-8801
CVE-2019-8794
CVE-2019-8786
CVE-2019-8829
CVE-2019-8802
CVE-2019-8858
CVE-2019-8805
CVE-2019-8754
CVE-2019-15126
CVE-2019-8718
CVE-2019-8740
CVE-2019-8712
CVE-2019-8747
CVE-2019-8780
CVE-2019-8704
CVE-2020-9932
CVE-2019-8711
CVE-2019-8732
CVE-2019-8760
CVE-2019-8641
CVE-2019-8742
CVE-2019-8731
CVE-2019-8727
CVE-2019-8771
CVE-2019-8674

Frequently Asked Questions

What is CVE-2019-8749?
CVE-2019-8749 is a vulnerability that involves multiple memory corruption issues in libxml2, which have been addressed with improved input validation.
What is the severity of CVE-2019-8749?
The severity of CVE-2019-8749 is critical with a severity value of 9.8.
Which software versions are affected by CVE-2019-8749?
CVE-2019-8749 affects macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, Security Update 2019-006, watchOS 6, and iTunes 12.10.1.
How can I fix CVE-2019-8749?
To fix CVE-2019-8749, update your software to the following versions: macOS Catalina 10.15.1, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, Security Update 2019-006, watchOS 6, and iTunes 12.10.1.
Where can I find more information about CVE-2019-8749?
You can find more information about CVE-2019-8749 on the Apple support website: [link](https://support.apple.com/en-us/HT210722).

collector/apple-support
alias/CVE-2019-8756
agent/type
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/software-canonical-lookup-request
agent/weakness
agent/references
agent/author
agent/severity
agent/tags
agent/event
agent/description
collector/nvd-index
vendor/apple
canonical/apple icloud for windows
canonical/apple itunes for windows
canonical/apple macos catalina
canonical/apple watchos
canonical/apple tvos
canonical/apple ios
canonical/apple icloud windows
version/apple icloud windows/10.0
canonical/apple itunes windows
canonical/apple safari
canonical/apple iphone os