Apple » Mac Os X » 10.14.6 security_update_2019-001 : Security Vulnerabilities, CVEs, (Directory traversal)
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A local user may be able to modify protected parts of the file system.
Max CVSS
5.5
EPSS Score
0.05%
Published
2021-09-08
Updated
2021-09-15
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1. A remote attacker may be able to modify the file system.
Max CVSS
5.5
EPSS Score
0.12%
Published
2020-12-08
Updated
2022-10-12
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to break out of its sandbox.
Max CVSS
6.3
EPSS Score
0.07%
Published
2020-12-08
Updated
2022-10-14
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-12-08
Updated
2022-10-14
A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. A malicious mail server may overwrite arbitrary mail files.
Max CVSS
9.1
EPSS Score
0.19%
Published
2020-10-22
Updated
2023-01-09
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files.
Max CVSS
7.5
EPSS Score
0.18%
Published
2020-10-27
Updated
2020-11-04
6 vulnerabilities found