What is CVE-2019-8844?

CVE-2019-8844 is a vulnerability in WebKit that allows for multiple memory corruption issues.

What is the severity of CVE-2019-8844?

CVE-2019-8844 has a severity rating of 8.8, which is considered critical.

Which software versions are affected by CVE-2019-8844?

Safari 13.0.4, iCloud for Windows 10.9, and WebKitGTK 2.26.3 are affected by CVE-2019-8844.

How can I fix CVE-2019-8844?

To fix CVE-2019-8844, update to the fixed versions of Safari, iCloud for Windows, and WebKitGTK.

Where can I find more information about CVE-2019-8844?

You can find more information about CVE-2019-8844 on the Apple support website.

Vulnerability/
CVE-2019-8844

critical

9.3

CWE

787

10/12/2019

27/10/2020

18/5/2021

CVE-2019-8844

First published: Tue Dec 10 2019(Updated: )

WebKit. Multiple memory corruption issues were addressed with improved memory handling.

Credit: Anonymous Trend MicroMike Zhang Pangu TeamWilliam Bowling @wcbowling William Bowling @wcbowling Anonymous Trend Micro's Zero Day InitiativeMike Zhang Pangu TeamWilliam Bowling @wcbowling Anonymous Trend MicroMike Zhang Pangu TeamWilliam Bowling @wcbowling Anonymous Trend MicroMike Zhang Pangu TeamWilliam Bowling @wcbowling Anonymous Trend MicroMike Zhang Pangu TeamWilliam Bowling @wcbowling Anonymous Trend MicroMike Zhang Pangu TeamWilliam Bowling @wcbowling product-security@apple.com

Affected Software	Affected Version	How to fix
Apple Safari	<13.0.4	13.0.4
Apple iCloud for Windows	<10.9	10.9
Apple iCloud for Windows	<7.16	7.16
Apple iTunes for Windows	<12.10.3	12.10.3
Apple watchOS	<6.1.1	6.1.1
Apple tvOS	<13.3	13.3
redhat/webkitgtk	<2.26.3	2.26.3
Apple iOS	<13.3	13.3
Apple iPadOS	<13.3	13.3
Apple Icloud Windows	<7.16
Apple Icloud Windows	>=10.0<10.9
Apple Itunes Windows	<12.10.3
Apple Safari	<13.0.4
Apple iPadOS	<13.3
Apple iPhone OS	<13.3
Apple tvOS	<13.3
Apple watchOS	<6.1.1
Redhat Enterprise Linux Desktop	=7.0
Redhat Enterprise Linux Server	=7.0
Redhat Enterprise Linux Workstation	=7.0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is CVE-2019-8844?
CVE-2019-8844 is a vulnerability in WebKit that allows for multiple memory corruption issues.
What is the severity of CVE-2019-8844?
CVE-2019-8844 has a severity rating of 8.8, which is considered critical.
Which software versions are affected by CVE-2019-8844?
Safari 13.0.4, iCloud for Windows 10.9, and WebKitGTK 2.26.3 are affected by CVE-2019-8844.
How can I fix CVE-2019-8844?
To fix CVE-2019-8844, update to the fixed versions of Safari, iCloud for Windows, and WebKitGTK.
Where can I find more information about CVE-2019-8844?
You can find more information about CVE-2019-8844 on the Apple support website.

collector/apple-support
alias/CVE-2019-8844
agent/type
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/software-canonical-lookup-request
agent/author
agent/severity
agent/weakness
agent/description
collector/redhat-bugzilla
source/Red Hat
agent/software-canonical-lookup
agent/event
agent/tags
agent/references
collector/nvd-index
vendor/apple
canonical/apple safari
canonical/apple icloud for windows
canonical/apple itunes for windows
canonical/apple watchos
canonical/apple tvos
package-manager/redhat
canonical/apple ios
canonical/apple ipados
canonical/apple icloud windows
version/apple icloud windows/10.0
canonical/apple itunes windows
canonical/apple iphone os
vendor/redhat
canonical/redhat enterprise linux desktop
version/redhat enterprise linux desktop/7.0
canonical/redhat enterprise linux server
version/redhat enterprise linux server/7.0
canonical/redhat enterprise linux workstation
version/redhat enterprise linux workstation/7.0