CVE-2019-8779
First published: Wed Dec 18 2019(Updated: )
A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS, iPadOS, and watchOS | <13.1.1 | |
| iOS | <13.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-8779?
CVE-2019-8779 is classified as a moderate severity vulnerability due to its potential to bypass sandbox restrictions in third-party app extensions.
How do I fix CVE-2019-8779?
To fix CVE-2019-8779, update your device to iOS 13.1.1 or iPadOS 13.1.1.
Who is affected by CVE-2019-8779?
CVE-2019-8779 affects users of iOS versions prior to 13.1.1 and iPadOS versions prior to 13.1.1.
What type of issue is CVE-2019-8779?
CVE-2019-8779 is a logic issue that incorrectly applies sandbox restrictions to third-party app extensions.
Is there a workaround for CVE-2019-8779?
There is no documented workaround for CVE-2019-8779 other than upgrading to the fixed versions.
- agent/type
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/apple
- canonical/apple ios, ipados, and watchos
- canonical/ios