CVE-2020-29629: Input Validation
First published: Wed Sep 16 2020(Updated: )
FontParser. An out-of-bounds read was addressed with improved input validation.
Credit: an anonymous researcher an anonymous researcher an anonymous researcher an anonymous researcher an anonymous researcher product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS | <14.0 | 14.0 |
| Apple iPadOS | <14.0 | 14.0 |
| Apple macOS Big Sur | <11.0.1 | 11.0.1 |
| Apple tvOS | <14.0 | 14.0 |
| Apple watchOS | <7.0 | 7.0 |
| Apple Catalina | ||
| Apple macOS | <11.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT211843 (Advisory)
- https://support.apple.com/en-us/HT211844 (Advisory)
- https://support.apple.com/en-us/HT211850 (Advisory)
- https://support.apple.com/en-us/HT211931 (Advisory)
- https://support.apple.com/en-us/HT212530 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2020-9979
- CVE-2020-9943
- CVE-2020-9944
- CVE-2020-9960
- CVE-2020-9954
- CVE-2020-9949
- CVE-2020-9999
- CVE-2020-9965
- CVE-2020-9966
- CVE-2020-29629
- CVE-2020-9956
- CVE-2020-9962
- CVE-2020-27931
- CVE-2020-29639
- CVE-2020-9978
- CVE-2020-36521
- CVE-2020-9961
- CVE-2020-9955
- CVE-2020-9876
- CVE-2020-9967
- CVE-2020-9975
- CVE-2020-9976
- CVE-2020-9981
- CVE-2020-9971
- CVE-2020-9969
- CVE-2020-9968
- CVE-2020-13434
- CVE-2020-13435
- CVE-2020-9991
- CVE-2020-15358
- CVE-2020-13631
- CVE-2020-9849
- CVE-2020-13630
- CVE-2020-9947
- CVE-2020-9950
- CVE-2020-9951
- CVE-2020-9983
- CVE-2020-9952
- CVE-2020-10013
- CVE-2020-9941
- CVE-2020-9989
- CVE-2020-9946
- CVE-2020-9993
- CVE-2020-9958
- CVE-2020-9773
- CVE-2020-9992
- CVE-2020-9964
- CVE-2019-14899
- CVE-2020-9988
- CVE-2020-13520
- CVE-2020-6147
- CVE-2020-9972
- CVE-2020-9973
- CVE-2020-9996
- CVE-2020-9963
- CVE-2020-9977
- CVE-2020-9959
- CVE-2020-27914
- CVE-2020-27915
- CVE-2020-27903
- CVE-2020-27910
- CVE-2020-27916
- CVE-2020-27906
- CVE-2020-27945
- CVE-2020-27908
- CVE-2020-27909
- CVE-2020-10017
- CVE-2020-9897
- CVE-2020-9883
- CVE-2020-10003
- CVE-2020-27922
- CVE-2020-27937
- CVE-2020-27894
- CVE-2020-36615
- CVE-2021-1790
- CVE-2021-1775
- CVE-2020-27942
- CVE-2020-27952
- CVE-2020-27930
- CVE-2020-27927
- CVE-2020-10002
- CVE-2020-27924
- CVE-2020-27912
- CVE-2020-27923
- CVE-2020-10015
- CVE-2020-27897
- CVE-2020-27907
- CVE-2020-27919
- CVE-2020-27921
- CVE-2020-27904
- CVE-2020-27950
- CVE-2020-9974
- CVE-2020-10016
- CVE-2020-27932
- CVE-2020-27917
- CVE-2020-27920
- CVE-2020-27911
- CVE-2020-10014
- CVE-2020-10010
- CVE-2020-10011
- CVE-2020-13524
- CVE-2020-10004
- CVE-2020-27901
- CVE-2020-27900
- CVE-2019-20838
- CVE-2020-14155
- CVE-2020-10007
- CVE-2020-27896
- CVE-2020-10012
- CVE-2020-10663
- CVE-2020-9945
- CVE-2020-9942
- CVE-2020-9987
- CVE-2021-1803
- CVE-2020-27893
- CVE-2021-1755
- CVE-2020-10005
- CVE-2020-27899
- CVE-2020-10009
- CVE-2020-10008
- CVE-2020-27918
- CVE-2020-27898
- CVE-2020-27935
- CVE-2020-10006
- CVE-2021-30676
- CVE-2021-30678
- CVE-2021-30688
- CVE-2021-30669
- CVE-2021-30685
- CVE-2021-30686
- CVE-2021-30681
- CVE-2021-30724
- CVE-2021-30673
- CVE-2021-30684
- CVE-2021-30735
- CVE-2021-30710
- CVE-2021-1884
- CVE-2021-1883
- CVE-2021-30697
- CVE-2021-30683
- CVE-2021-30687
- CVE-2021-30701
- CVE-2021-30743
- CVE-2021-30705
- CVE-2021-30728
- CVE-2021-30719
- CVE-2021-30726
- CVE-2021-30704
- CVE-2021-30715
- CVE-2021-30739
- CVE-2021-30702
- CVE-2021-30696
- CVE-2021-30819
- CVE-2021-30723
- CVE-2021-30691
- CVE-2021-30694
- CVE-2021-30692
- CVE-2021-30746
- CVE-2021-30693
- CVE-2021-30695
- CVE-2021-30708
- CVE-2021-30709
- CVE-2021-30725
- CVE-2021-30679
- CVE-2020-36226
- CVE-2020-36229
- CVE-2020-36225
- CVE-2020-36224
- CVE-2020-36223
- CVE-2020-36227
- CVE-2020-36228
- CVE-2020-36221
- CVE-2020-36222
- CVE-2020-36230
- CVE-2021-30737
- CVE-2021-30716
- CVE-2021-30717
- CVE-2021-30712
- CVE-2021-30721
- CVE-2021-30722
- CVE-2021-30671
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-29629.
What is the title of this vulnerability?
The title of this vulnerability is FontParser. An out-of-bounds read was addressed with improved input validation.
Which software versions are affected by this vulnerability?
The following software versions are affected: Apple tvOS up to version 14.0, Apple iOS up to version 14.0, Apple iPadOS up to version 14.0, Apple Catalina, Apple macOS Big Sur up to version 11.0.1, and Apple watchOS up to version 7.0.
How was this vulnerability addressed?
This vulnerability was addressed with improved input validation.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability at the following references: [Link 1](https://support.apple.com/en-us/HT212530), [Link 2](https://support.apple.com/en-us/HT211843), and [Link 3](https://support.apple.com/en-us/HT211844).
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- vendor/apple
- canonical/apple tvos
- canonical/apple watchos
- canonical/apple ios
- canonical/apple ipados
- canonical/apple macos big sur
- canonical/apple catalina
- canonical/apple macos