What is CVE-2019-8756?

CVE-2019-8756 is a vulnerability in libxml2 that allows attackers to cause a denial of service or execute arbitrary code.

What is the severity of CVE-2019-8756?

The severity of CVE-2019-8756 is critical with a CVSS score of 9.8.

Which software versions are affected by CVE-2019-8756?

macOS Catalina 10.15 up to 10.15.1, iOS 13, watchOS 6, iCloud for Windows 7.14 up to 10.7, tvOS 13, and iTunes 12.10.1 for Windows are affected by CVE-2019-8756.

How do I fix CVE-2019-8756?

To fix CVE-2019-8756, update to macOS Catalina 10.15.1 or later, iOS 13 or later, watchOS 6 or later, iCloud for Windows 10.7 or later, tvOS 13 or later, and iTunes 12.10.1 or later for Windows.

Where can I find more information about CVE-2019-8756?

You can find more information about CVE-2019-8756 on the Apple support website. Here are some relevant articles: [link1](https://support.apple.com/en-us/HT210722), [link2](https://support.apple.com/en-us/HT210634), [link3](https://support.apple.com/en-us/HT210604).

Vulnerability/
CVE-2019-8756

critical

9.8

CWE

20 787

19/9/2019

27/10/2020

4/8/2024

CVE-2019-8756: Input Validation

First published: Thu Sep 19 2019(Updated: )

libxml2. Multiple memory corruption issues were addressed with improved input validation.

Credit: found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iCloud for Windows	<10.7	10.7
Apple iCloud for Windows	<7.14	7.14
Apple iTunes for Windows	<12.10.1	12.10.1
Apple macOS Catalina	<10.15	10.15
Apple macOS Catalina	<10.15.1	10.15.1
Apple watchOS	<6	6
Apple tvOS	<13	13
Apple iOS	<13	13
Apple Icloud Windows	<7.14
Apple Icloud Windows	>=10.0<10.7
Apple Itunes Windows	<12.10.1
Apple Mac OS X	<10.15
Apple tvOS	<13
Apple watchOS	<6.0

Never miss a vulnerability like this again

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2019-8741
CVE-2019-8825
CVE-2019-8746
CVE-2019-8749
CVE-2019-8756
CVE-2019-8745
CVE-2019-8625
CVE-2019-8719
CVE-2019-8764
CVE-2019-8707
CVE-2019-8726
CVE-2019-8728
CVE-2019-8733
CVE-2019-8734
CVE-2019-8735
CVE-2019-8743
CVE-2019-8751
CVE-2019-8752
CVE-2019-8763
CVE-2019-8765
CVE-2019-8773
CVE-2019-8762
CVE-2019-8750
CVE-2019-8710
CVE-2019-8766
CVE-2019-8748
CVE-2019-11041
CVE-2019-11042
CVE-2019-8706
CVE-2019-8850
CVE-2019-8774
CVE-2019-8753
CVE-2019-8705
CVE-2019-8592
CVE-2019-8757
CVE-2019-8736
CVE-2019-8767
CVE-2019-8737
CVE-2019-8776
CVE-2019-8509
CVE-2018-12152
CVE-2018-12153
CVE-2018-12154
CVE-2019-8759
CVE-2019-8758
CVE-2019-8755
CVE-2019-8703
CVE-2019-8809
CVE-2019-8744
CVE-2019-8717
CVE-2019-8709
CVE-2019-8781
CVE-2019-8799
CVE-2019-8826
CVE-2019-8730
CVE-2019-8772
CVE-2019-8708
CVE-2019-8715
CVE-2019-8855
CVE-2019-8770
CVE-2019-8701
CVE-2019-8761
CVE-2019-8831
CVE-2019-8769
CVE-2019-8768
CVE-2019-8854
CVE-2019-8787
CVE-2019-8796
CVE-2019-8824
CVE-2019-8803
CVE-2019-8817
CVE-2019-8716
CVE-2019-8788
CVE-2019-8785
CVE-2019-8797
CVE-2019-8789
CVE-2017-7152
CVE-2019-8798
CVE-2019-8784
CVE-2019-8807
CVE-2019-8801
CVE-2019-8794
CVE-2019-8786
CVE-2019-8829
CVE-2019-8802
CVE-2019-8858
CVE-2019-8805
CVE-2019-8754
CVE-2019-15126
CVE-2019-8718
CVE-2019-8740
CVE-2019-8712
CVE-2019-8747
CVE-2019-8780
CVE-2019-8704
CVE-2020-9932
CVE-2019-8711
CVE-2019-8732
CVE-2019-8760
CVE-2019-8641
CVE-2019-8742
CVE-2019-8731
CVE-2019-8727
CVE-2019-8771
CVE-2019-8674

Frequently Asked Questions

What is CVE-2019-8756?
CVE-2019-8756 is a vulnerability in libxml2 that allows attackers to cause a denial of service or execute arbitrary code.
What is the severity of CVE-2019-8756?
The severity of CVE-2019-8756 is critical with a CVSS score of 9.8.
Which software versions are affected by CVE-2019-8756?
macOS Catalina 10.15 up to 10.15.1, iOS 13, watchOS 6, iCloud for Windows 7.14 up to 10.7, tvOS 13, and iTunes 12.10.1 for Windows are affected by CVE-2019-8756.
How do I fix CVE-2019-8756?
To fix CVE-2019-8756, update to macOS Catalina 10.15.1 or later, iOS 13 or later, watchOS 6 or later, iCloud for Windows 10.7 or later, tvOS 13 or later, and iTunes 12.10.1 or later for Windows.
Where can I find more information about CVE-2019-8756?
You can find more information about CVE-2019-8756 on the Apple support website. Here are some relevant articles: [link1](https://support.apple.com/en-us/HT210722), [link2](https://support.apple.com/en-us/HT210634), [link3](https://support.apple.com/en-us/HT210604).

collector/apple-support
alias/CVE-2019-8756
agent/type
agent/last-modified-date
agent/first-publish-date
agent/software-canonical-lookup-request
agent/weakness
agent/references
agent/author
agent/severity
agent/event
agent/description
collector/nvd-index
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/apple
canonical/apple icloud for windows
canonical/apple itunes for windows
canonical/apple macos catalina
canonical/apple watchos
canonical/apple tvos
canonical/apple ios
canonical/apple icloud windows
version/apple icloud windows/10.0
canonical/apple itunes windows
canonical/apple mac os x