{"api_version":"1","generated_at":"2026-04-23T00:39:56+00:00","cve":"CVE-2019-8681","urls":{"html":"https://cve.report/CVE-2019-8681","api":"https://cve.report/api/cve/CVE-2019-8681.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-8681","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-8681"},"summary":{"title":"CVE-2019-8681","description":"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.","state":"PUBLIC","assigner":"product-security@apple.com","published_at":"2019-12-18 18:15:00","updated_at":"2021-07-21 11:39:00"},"problem_types":["CWE-787","CWE-416"],"metrics":[],"references":[{"url":"https://support.apple.com/HT210356","name":"https://support.apple.com/HT210356","refsource":"MISC","tags":["Vendor Advisory"],"title":"About the security content of iTunes 12.9.6 for Windows - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/HT210355","name":"https://support.apple.com/HT210355","refsource":"MISC","tags":["Vendor Advisory"],"title":"Acerca del contenido de seguridad de Safari 12.1.2 - Soporte t&eacute;cnico de Apple","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/HT210348","name":"https://support.apple.com/HT210348","refsource":"MISC","tags":["Vendor Advisory"],"title":"About the security content of macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/HT210346","name":"https://support.apple.com/HT210346","refsource":"MISC","tags":["Vendor Advisory"],"title":"About the security content of iOS 12.4 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/HT210351","name":"https://support.apple.com/HT210351","refsource":"MISC","tags":["Vendor Advisory"],"title":"About the security content of tvOS 12.4 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/HT210358","name":"https://support.apple.com/HT210358","refsource":"MISC","tags":["Vendor Advisory"],"title":"About the security content of iCloud for Windows 10.6 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/HT210357","name":"https://support.apple.com/HT210357","refsource":"MISC","tags":["Vendor Advisory"],"title":"About the security content of iCloud for Windows 7.13 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-8681","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-8681","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apple","cpe5":"icloud","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apple","cpe5":"icloud","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apple","cpe5":"itunes","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apple","cpe5":"itunes","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apple","cpe5":"safari","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apple","cpe5":"safari","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"tvos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"8681","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"tvos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2019-8681","qid":"296078","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 16.4.0 Missing (CPUOCT2019)"},{"cve":"CVE-2019-8681","qid":"377553","title":"Alibaba Cloud Linux Security Update for webkitgtk4 (ALINUX2-SA-2020:0147)"},{"cve":"CVE-2019-8681","qid":"501284","title":"Alpine Linux Security Update for webkit2gtk"},{"cve":"CVE-2019-8681","qid":"505505","title":"Alpine Linux Security Update for webkit2gtk"},{"cve":"CVE-2019-8681","qid":"710127","title":"Gentoo Linux WebkitGTK+ Multiple vulnerabilities (GLSA 201909-05)"},{"cve":"CVE-2019-8681","qid":"751623","title":"SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:0142-1)"},{"cve":"CVE-2019-8681","qid":"940366","title":"AlmaLinux Security Update for GNOME (ALSA-2019:3553)"},{"cve":"CVE-2019-8681","qid":"960235","title":"Rocky Linux Security Update for GNOME (RLSA-2019:3553)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2019-8681","ASSIGNER":"product-security@apple.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Apple","product":{"product_data":[{"product_name":"iOS","version":{"version_data":[{"version_affected":"<","version_value":"iOS 12.4"}]}},{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_value":"macOS Mojave 10.14.6"}]}},{"product_name":"tvOS","version":{"version_data":[{"version_affected":"<","version_value":"tvOS 12.4"}]}},{"product_name":"Safari","version":{"version_data":[{"version_affected":"<","version_value":"Safari 12.1.2"}]}},{"product_name":"iTunes for Windows","version":{"version_data":[{"version_affected":"<","version_value":"iTunes for Windows 12.9.6"}]}},{"product_name":"iCloud for Windows","version":{"version_data":[{"version_affected":"<","version_value":"iCloud for Windows 7.13"}]}},{"product_name":"iCloud for Windows (Microsoft Store)","version":{"version_data":[{"version_affected":"<","version_value":"iCloud for Windows 10.6"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Processing maliciously crafted web content may lead to arbitrary code execution"}]}]},"references":{"reference_data":[{"url":"https://support.apple.com/HT210346","refsource":"MISC","name":"https://support.apple.com/HT210346"},{"url":"https://support.apple.com/HT210348","refsource":"MISC","name":"https://support.apple.com/HT210348"},{"url":"https://support.apple.com/HT210351","refsource":"MISC","name":"https://support.apple.com/HT210351"},{"url":"https://support.apple.com/HT210355","refsource":"MISC","name":"https://support.apple.com/HT210355"},{"url":"https://support.apple.com/HT210356","refsource":"MISC","name":"https://support.apple.com/HT210356"},{"url":"https://support.apple.com/HT210357","refsource":"MISC","name":"https://support.apple.com/HT210357"},{"url":"https://support.apple.com/HT210358","refsource":"MISC","name":"https://support.apple.com/HT210358"}]},"description":{"description_data":[{"lang":"eng","value":"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution."}]}},"nvd":{"publishedDate":"2019-12-18 18:15:00","lastModifiedDate":"2021-07-21 11:39:00","problem_types":["CWE-787","CWE-416"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":6.8},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","versionEndExcluding":"10.14.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","versionEndExcluding":"12.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"12.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*","versionEndExcluding":"7.13","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*","versionEndExcluding":"12.9.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*","versionStartIncluding":"10.0","versionEndExcluding":"10.6","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"8681","Ordinal":"146517","Title":"CVE-2019-8681","CVE":"CVE-2019-8681","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"8681","Ordinal":"1","NoteData":"Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"8681","Ordinal":"2","NoteData":"2019-12-18","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"8681","Ordinal":"3","NoteData":"2019-12-18","Type":"Other","Title":"Modified"}]}}}