CVE-2019-8790
First published: Fri Oct 11 2019(Updated: )
Foundation. This issue was addresses by updating incorrect URLSession file descriptors management logic to match Swift 5.0.
Credit: Apple product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| <5.1.1 | 5.1.1 | |
| Apple Swift | <5.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT210647 (Advisory)
Frequently Asked Questions
What is CVE-2019-8790?
CVE-2019-8790 is a vulnerability in URLSession in Swift for Ubuntu that could lead to inadvertent data disclosure.
How was CVE-2019-8790 addressed?
CVE-2019-8790 was addressed by updating the incorrect URLSession file descriptors management logic to match Swift 5.0.
Which version of Swift for Ubuntu is affected?
Versions up to but excluding 5.1.1 of Swift for Ubuntu are affected by CVE-2019-8790.
What is the severity of CVE-2019-8790?
CVE-2019-8790 has a medium severity rating with a score of 5.5.
Where can I find more information about CVE-2019-8790?
You can find more information about CVE-2019-8790 at the following reference: https://support.apple.com/en-us/HT210647
- collector/apple-support
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/last-modified-date
- agent/description
- agent/event
- agent/trending
- agent/tags
- agent/source
- vendor/apple
- canonical/apple swift