What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2020-9949.

What is the affected software for this vulnerability?

The affected software for this vulnerability includes macOS Catalina (10.15.6), Mojave, High Sierra, macOS Big Sur (11.0.1), tvOS (14.0), iOS (14.0), iPadOS (14.0), and watchOS (7.0).

How was the vulnerability addressed?

The vulnerability was addressed with improved memory management.

Where can I find more information about this vulnerability?

You can find more information about this vulnerability on the Apple support website at the following links: [link1](https://support.apple.com/en-us/HT211289), [link2](https://support.apple.com/en-us/HT211843), [link3](https://support.apple.com/en-us/HT211844).

Vulnerability/
CVE-2020-9949

critical

9.3

CWE

416

15/7/2020

8/12/2020

11/5/2023

CVE-2020-9949: Use After Free

Q: What is the title of the vulnerability?

The title of the vulnerability is CoreCapture. A use after free issue was addressed with improved memory management.

First published: Wed Jul 15 2020(Updated: )

CoreCapture. A use after free issue was addressed with improved memory management.

Credit: Proteas Proteas Proteas Proteas Proteas product-security@apple.com

Affected Software	Affected Version	How to fix
Apple macOS Catalina	<10.15.6	10.15.6
Apple Mojave
Apple High Sierra
Apple tvOS	<14.0	14.0
Apple watchOS	<7.0	7.0
Apple iOS	<14.0	14.0
Apple iPadOS	<14.0	14.0
Apple macOS Big Sur	<11.0.1	11.0.1
Apple iPadOS	<14.0
Apple iPhone OS	<14.0
Apple Mac OS X	<10.15.6
Apple Mac OS X	>=11.0.0<11.0.1
Apple tvOS	<14.0
Apple watchOS	<7.0

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT211289 (Advisory)
https://support.apple.com/en-us/HT211843 (Advisory)
https://support.apple.com/en-us/HT211844 (Advisory)
https://support.apple.com/en-us/HT211850 (Advisory)
https://support.apple.com/en-us/HT211931 (Advisory)
http://seclists.org/fulldisclosure/2020/Dec/32

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2020-9927
CVE-2020-9884
CVE-2020-9889
CVE-2020-9888
CVE-2020-9890
CVE-2020-9891
CVE-2020-9928
CVE-2020-9929
CVE-2020-9870
CVE-2020-9866
CVE-2020-9869
CVE-2020-9949
CVE-2020-9934
CVE-2020-9883
CVE-2020-9865
CVE-2020-9900
CVE-2020-9980
CVE-2020-9799
CVE-2020-9913
CVE-2020-27933
CVE-2020-11758
CVE-2020-11759
CVE-2020-11760
CVE-2020-11761
CVE-2020-11762
CVE-2020-11763
CVE-2020-11764
CVE-2020-11765
CVE-2020-9871
CVE-2020-9872
CVE-2020-9874
CVE-2020-9879
CVE-2020-9936
CVE-2020-9937
CVE-2020-9919
CVE-2020-9876
CVE-2020-9873
CVE-2020-9938
CVE-2020-9877
CVE-2020-9875
CVE-2020-9984
CVE-2020-9887
CVE-2020-9908
CVE-2020-9990
CVE-2020-9921
CVE-2019-14899
CVE-2020-9904
CVE-2020-9924
CVE-2020-9892
CVE-2020-9863
CVE-2020-9902
CVE-2020-9905
CVE-2020-9997
CVE-2020-9926
CVE-2020-9994
CVE-2020-9935
CVE-2019-19906
CVE-2020-9920
CVE-2020-9922
CVE-2020-9885
CVE-2020-9878
CVE-2020-9880
CVE-2020-9881
CVE-2020-9882
CVE-2020-9940
CVE-2020-9985
CVE-2020-12243
CVE-2020-10878
CVE-2020-12723
CVE-2014-9512
CVE-2020-9930
CVE-2020-9939
CVE-2020-9864
CVE-2020-9868
CVE-2020-9854
CVE-2020-9901
CVE-2019-20807
CVE-2020-9898
CVE-2020-9918
CVE-2020-9899
CVE-2020-9906
CVE-2020-9979
CVE-2020-9943
CVE-2020-9944
CVE-2020-9960
CVE-2020-9954
CVE-2020-9999
CVE-2020-9965
CVE-2020-9966
CVE-2020-29629
CVE-2020-9956
CVE-2020-9962
CVE-2020-27931
CVE-2020-29639
CVE-2020-9978
CVE-2020-36521
CVE-2020-9961
CVE-2020-9955
CVE-2020-9967
CVE-2020-9975
CVE-2020-9976
CVE-2020-9981
CVE-2020-9971
CVE-2020-9969
CVE-2020-9968
CVE-2020-13434
CVE-2020-13435
CVE-2020-9991
CVE-2020-15358
CVE-2020-13631
CVE-2020-9849
CVE-2020-13630
CVE-2020-9947
CVE-2020-9950
CVE-2020-9951
CVE-2020-9983
CVE-2020-9952
CVE-2020-10013
CVE-2020-9941
CVE-2020-9989
CVE-2020-9946
CVE-2020-9993
CVE-2020-9958
CVE-2020-9773
CVE-2020-9992
CVE-2020-9964
CVE-2020-9988
CVE-2020-13520
CVE-2020-6147
CVE-2020-9972
CVE-2020-9973
CVE-2020-9996
CVE-2020-9963
CVE-2020-9977
CVE-2020-9959
CVE-2020-27914
CVE-2020-27915
CVE-2020-27903
CVE-2020-27910
CVE-2020-27916
CVE-2020-27906
CVE-2020-27945
CVE-2020-27908
CVE-2020-27909
CVE-2020-10017
CVE-2020-9897
CVE-2020-10003
CVE-2020-27922
CVE-2020-27937
CVE-2020-27894
CVE-2020-36615
CVE-2021-1790
CVE-2021-1775
CVE-2020-27942
CVE-2020-27952
CVE-2020-27930
CVE-2020-27927
CVE-2020-10002
CVE-2020-27924
CVE-2020-27912
CVE-2020-27923
CVE-2020-10015
CVE-2020-27897
CVE-2020-27907
CVE-2020-27919
CVE-2020-27921
CVE-2020-27904
CVE-2020-27950
CVE-2020-9974
CVE-2020-10016
CVE-2020-27932
CVE-2020-27917
CVE-2020-27920
CVE-2020-27911
CVE-2020-10014
CVE-2020-10010
CVE-2020-10011
CVE-2020-13524
CVE-2020-10004
CVE-2020-27901
CVE-2020-27900
CVE-2019-20838
CVE-2020-14155
CVE-2020-10007
CVE-2020-27896
CVE-2020-10012
CVE-2020-10663
CVE-2020-9945
CVE-2020-9942
CVE-2020-9987
CVE-2021-1803
CVE-2020-27893
CVE-2021-1755
CVE-2020-10005
CVE-2020-27899
CVE-2020-10009
CVE-2020-10008
CVE-2020-27918
CVE-2020-27898
CVE-2020-27935
CVE-2020-10006

Frequently Asked Questions

What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-9949.
What is the title of the vulnerability?
The title of the vulnerability is CoreCapture. A use after free issue was addressed with improved memory management.
What is the affected software for this vulnerability?
The affected software for this vulnerability includes macOS Catalina (10.15.6), Mojave, High Sierra, macOS Big Sur (11.0.1), tvOS (14.0), iOS (14.0), iPadOS (14.0), and watchOS (7.0).
How was the vulnerability addressed?
The vulnerability was addressed with improved memory management.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on the Apple support website at the following links: [link1](https://support.apple.com/en-us/HT211289), [link2](https://support.apple.com/en-us/HT211843), [link3](https://support.apple.com/en-us/HT211844).

agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/type
agent/weakness
collector/apple-support
agent/software-canonical-lookup-request
collector/nvd-index
agent/software-canonical-lookup
vendor/apple
canonical/apple macos catalina
canonical/apple mojave
canonical/apple high sierra
canonical/apple tvos
canonical/apple watchos
canonical/apple ios
canonical/apple ipados
canonical/apple macos big sur
canonical/apple iphone os
canonical/apple mac os x
version/apple mac os x/11.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.