CVE-2020-3877: Input Validation
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3, watchOS 6.1.2. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
Other sources
AnnotationKit. An out-of-bounds read was addressed with improved input validation.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-3877
- CVE-2019-11043
- CVE-2020-3857
- CVE-2020-3866
- CVE-2020-3848
- CVE-2020-3849
- CVE-2020-3850
- CVE-2020-3847
- CVE-2020-3835
- CVE-2020-3863
- CVE-2020-9774
- CVE-2020-3827
- CVE-2020-3826
- CVE-2020-3870
- CVE-2020-3878
- CVE-2020-3880
- CVE-2020-3845
- CVE-2020-3837
- CVE-2020-3851
- CVE-2020-3840
- CVE-2020-3875
- CVE-2020-3872
- CVE-2020-3853
- CVE-2020-3836
- CVE-2020-3842
- CVE-2020-3871
- CVE-2020-3846
- CVE-2020-3856
- CVE-2020-3829
- CVE-2020-3830
- CVE-2020-3854
- CVE-2019-18634
- CVE-2020-3855
- CVE-2020-3839
- CVE-2020-3843
- CVE-2020-3838
- CVE-2019-8836
- CVE-2020-3834
- CVE-2020-3860
Frequently Asked Questions
What is CVE-2020-3877?
CVE-2020-3877 is a vulnerability in AnnotationKit that allows for an out-of-bounds read due to insufficient input validation.
Which software versions are affected by CVE-2020-3877?
The affected software versions include Apple watchOS up to version 6.1.2, macOS Catalina up to version 10.15.3, Apple Mojave, and Apple High Sierra.
How can I fix CVE-2020-3877?
To fix CVE-2020-3877, update your software to the latest version provided by Apple.
What is the severity of CVE-2020-3877?
The severity of CVE-2020-3877 is not specified.
Where can I find more information about CVE-2020-3877?
You can find more information about CVE-2020-3877 on the Apple support website.