CVE-2020-27926: Use After Free
First published: Thu Nov 05 2020(Updated: )
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.2 and iPadOS 14.2. Processing maliciously crafted web content may lead to arbitrary code execution.
Credit: found by OSS-Fuzz found by OSS-Fuzz product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS | <14.2 | 14.2 |
| Apple iPadOS | <14.2 | 14.2 |
| Apple iPadOS | <14.2 | |
| Apple iPhone OS | <14.2 | |
| Apple macOS Big Sur | <11.1 | 11.1 |
| Apple Catalina | ||
| Apple Mojave |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2020-27914
- CVE-2020-27915
- CVE-2020-27936
- CVE-2020-27903
- CVE-2020-27941
- CVE-2020-29621
- CVE-2020-29610
- CVE-2020-27910
- CVE-2020-9943
- CVE-2020-9944
- CVE-2020-27916
- CVE-2020-27906
- CVE-2020-27948
- CVE-2020-27908
- CVE-2020-9960
- CVE-2020-10017
- CVE-2020-27922
- CVE-2020-10001
- CVE-2020-27946
- CVE-2020-9962
- CVE-2020-27952
- CVE-2020-9956
- CVE-2020-27931
- CVE-2020-27943
- CVE-2020-27944
- CVE-2020-29624
- CVE-2020-29608
- CVE-2020-10002
- CVE-2020-27947
- CVE-2020-29612
- CVE-2020-9978
- CVE-2020-27939
- CVE-2020-29625
- CVE-2020-29615
- CVE-2020-29616
- CVE-2020-27924
- CVE-2020-29618
- CVE-2020-29611
- CVE-2020-29617
- CVE-2020-29619
- CVE-2020-27912
- CVE-2020-27923
- CVE-2020-27919
- CVE-2020-10015
- CVE-2020-27897
- CVE-2020-27907
- CVE-2020-9974
- CVE-2020-10016
- CVE-2020-9967
- CVE-2020-9975
- CVE-2020-27921
- CVE-2020-27949
- CVE-2020-29620
- CVE-2020-27911
- CVE-2020-27920
- CVE-2020-27926
- CVE-2020-10014
- CVE-2020-10010
- CVE-2020-29633
- CVE-2020-29614
- CVE-2020-13520
- CVE-2020-9972
- CVE-2020-13524
- CVE-2020-10004
- CVE-2020-27901
- CVE-2020-27938
- CVE-2020-10007
- CVE-2020-10012
- CVE-2020-27896
- CVE-2020-10009
- CVE-2020-29623
- CVE-2020-15969
- CVE-2020-27898
- CVE-2020-27925
- CVE-2020-27909
- CVE-2020-9897
- CVE-2020-10003
- CVE-2020-27930
- CVE-2020-27927
- CVE-2020-27905
- CVE-2020-27950
- CVE-2020-27932
- CVE-2020-27902
- CVE-2020-27917
- CVE-2020-10011
- CVE-2020-27899
- CVE-2020-27918
- CVE-2020-27935
Frequently Asked Questions
What is CVE-2020-27926?
CVE-2020-27926 is a vulnerability in libxml2 that could allow an attacker to execute arbitrary code or cause a denial of service.
Which software versions are affected by CVE-2020-27926?
CVE-2020-27926 affects Apple iOS up to version 14.2, Apple iPadOS up to version 14.2, Apple macOS Big Sur up to version 11.1, Apple Catalina, and Apple Mojave.
What is the severity of CVE-2020-27926?
CVE-2020-27926 has a severity rating of critical.
How can I fix CVE-2020-27926?
To fix CVE-2020-27926, update your affected software to the latest available version provided by Apple.
Where can I find more information about CVE-2020-27926?
You can find more information about CVE-2020-27926 at the following references: [Apple Support Article 1](https://support.apple.com/en-us/HT211929) and [Apple Support Article 2](https://support.apple.com/en-us/HT212011).
- agent/type
- collector/apple-support
- agent/software-canonical-lookup-request
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/references
- agent/author
- agent/severity
- agent/tags
- agent/event
- agent/weakness
- agent/description
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple macos big sur
- canonical/apple catalina
- canonical/apple mojave
- canonical/apple ios
- canonical/apple ipados
- canonical/apple iphone os