CVE-2019-8814
First published: Mon Oct 28 2019(Updated: )
WebKit. Multiple memory corruption issues were addressed with improved memory handling.
Credit: Cheolung Lee LINESoyeon Park SSLab at Georgia TechSamuel Groß Google Project ZeroSergei Glazunov Google Project Zerofound by OSS-Fuzz JunDong Xie Ant product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/webkitgtk | <2.26.2 | 2.26.2 |
| tvOS | <13.2 | 13.2 |
| Apple Mobile Safari | <13.0.3 | 13.0.3 |
| Apple iCloud for Windows | <7.15 | |
| Apple iCloud for Windows | >=10.0<=10.4 | |
| Apple iTunes for Windows | <12.10.2 | |
| Apple Mobile Safari | <13.0.3 | |
| Apple iOS, iPadOS, and watchOS | <13.2 | |
| iOS | <13.2 | |
| tvOS | <13.2 | |
| redhat enterprise Linux desktop | =7.0 | |
| redhat enterprise Linux server | =7.0 | |
| redhat enterprise Linux workstation | =7.0 | |
| Apple iOS, iPadOS, and watchOS | <13.2 | 13.2 |
| Apple iOS, iPadOS, and watchOS | <13.2 | 13.2 |
| Apple iCloud | <7.15 | 7.15 |
| Apple iTunes | <12.10.2 | 12.10.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT210721 (Advisory)
- https://support.apple.com/en-us/HT210723 (Advisory)
- https://support.apple.com/en-us/HT210725 (Advisory)
- https://support.apple.com/en-us/HT210726 (Advisory)
- https://support.apple.com/en-us/HT210728 (Advisory)
- https://security.gentoo.org/glsa/202003-22
- https://support.apple.com/HT210721
- https://support.apple.com/HT210723
- https://support.apple.com/HT210725
- https://support.apple.com/HT210726
- https://support.apple.com/HT210727
- https://support.apple.com/HT210728
- https://access.redhat.com/security/cve/CVE-2019-8814
- https://webkitgtk.org/security/WSA-2019-0006.html
- https://access.redhat.com/errata/RHSA-2020:4035
- https://access.redhat.com/security/cve/cve-2019-8814
- https://access.redhat.com/errata/RHSA-2020:4451
- https://bugzilla.redhat.com/show_bug.cgi?id=1876554
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-8787
- CVE-2019-8803
- CVE-2019-8785
- CVE-2019-8797
- CVE-2019-8795
- CVE-2019-8798
- CVE-2019-8794
- CVE-2019-8786
- CVE-2019-8829
- CVE-2019-8813
- CVE-2019-8782
- CVE-2019-8783
- CVE-2019-8808
- CVE-2019-8811
- CVE-2019-8812
- CVE-2019-8814
- CVE-2019-8816
- CVE-2019-8819
- CVE-2019-8820
- CVE-2019-8821
- CVE-2019-8822
- CVE-2019-8823
- CVE-2019-8827
- CVE-2019-8815
- CVE-2019-8796
- CVE-2019-8788
- CVE-2019-8789
- CVE-2017-7152
- CVE-2019-8784
- CVE-2019-8804
- CVE-2019-8793
- CVE-2019-15126
- CVE-2019-8801
Frequently Asked Questions
What is CVE-2019-8814?
CVE-2019-8814 is a vulnerability in WebKit that allows arbitrary code execution.
How severe is CVE-2019-8814?
CVE-2019-8814 has a severity rating of 8.8 out of 10, which is considered critical.
Which software versions are affected by CVE-2019-8814?
CVE-2019-8814 affects iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, and iCloud for Windows 7.15.
How can I fix CVE-2019-8814?
To fix CVE-2019-8814, make sure to update your software to the latest versions: iOS 13.2, iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, and iCloud for Windows 7.15.
Where can I find more information about CVE-2019-8814?
You can find more information about CVE-2019-8814 on the official Apple support page: [link](https://support.apple.com/en-us/HT210721).
- agent/type
- agent/first-publish-date
- agent/references
- agent/severity
- agent/weakness
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-8814
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- collector/apple-support
- alias/CVE-2019-8783
- alias/CVE-2019-8808
- alias/CVE-2019-8811
- alias/CVE-2019-8812
- alias/CVE-2019-8816
- alias/CVE-2019-8819
- alias/CVE-2019-8820
- alias/CVE-2019-8821
- alias/CVE-2019-8822
- alias/CVE-2019-8823
- agent/software-canonical-lookup-request
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- package-manager/redhat
- vendor/apple
- canonical/tvos
- canonical/apple mobile safari
- canonical/apple icloud for windows
- version/apple icloud for windows/10.0
- version/apple icloud for windows/10.4
- canonical/apple itunes for windows
- canonical/apple ios, ipados, and watchos
- canonical/ios
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/7.0
- canonical/apple icloud
- canonical/apple itunes