CVE-2019-8800
First published: Thu Oct 31 2019(Updated: )
A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution.
Credit: product-security@apple.com Pan ZhenPeng Qihoo 360 Nirvan TeamPan ZhenPeng Qihoo 360 Nirvan Team
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Xcode | <11.2 | |
| Apple Xcode | <11.2 | 11.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-8800.
What is the severity of CVE-2019-8800?
CVE-2019-8800 has a severity rating of 7.8 (high).
How does CVE-2019-8800 affect Apple Xcode?
CVE-2019-8800 affects Apple Xcode versions up to and including 11.2.
How can this vulnerability be exploited?
This vulnerability can be exploited by processing a maliciously crafted file, which may lead to arbitrary code execution.
How can I fix CVE-2019-8800?
CVE-2019-8800 is fixed in Xcode 11.2. It is recommended to update to this version.
- collector/nvd-index
- collector/apple-support
- alias/CVE-2019-8806
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- vendor/apple
- canonical/apple xcode