Wish_Wu

**Nome do software vulnerável e versões afetadas** Versões do iOS anteriores à 15 Versões do iPadOS anteriores à 15 **Descrição** A falha permite que um modelo 3D criado para se parecer com o usuário cadastrado seja autenticado via Face ID. Isso se deve a modelos anti-spoofing inadequados. O número estimado de dispositivos potencialmente afetados em todo o mundo não foi especificado. **Recomendações** Para versões do iOS anteriores à 15, atualize para o iOS 15 ou posterior para resolver o problema. Para versões do iPadOS anteriores à 15, atualize para o iPadOS 15 ou posterior para resolver o problema.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 13 **Description** The issue allowed a 3D model constructed to look like the enrolled user to authenticate via Face ID. This was addressed by improving Face ID machine learning models. **Recommendations** For iOS versions prior to 13, update to iOS 13 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** libgdx version 7.1.1 **Description** A remote code execution issue in libgdx could allow an attacker to execute arbitrary code in the context of an unprivileged process by using a specially crafted file. This issue is considered High due to the possibility of remote code execution in an application that uses this library. **Recommendations** For libgdx version 7.1.1, update to a newer version that contains a fix for this issue to prevent remote code execution.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.x through 4.4.3 Android versions 5.0.x through 5.0.1 Android versions 5.1.x through 5.1.0 Android versions 6.x before 2016-04-01 **Description** The issue is related to insufficient access control in the Qualcomm ARM component of the Android operating system. It can be exploited by a local attacker using a specially crafted application to gain elevated privileges. **Recommendations** For Android versions 4.x through 4.4.3, update to version 4.4.4 or later. For Android versions 5.0.x through 5.0.1, update to version 5.0.2 or later. For Android versions 5.1.x through 5.1.0, update to version 5.1.1 or later. For Android versions 6.x before 2016-04-01, update to a version released on or after 2016-04-01.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.x through 4.4.3 Android versions 5.x through 5.1.0 Android versions 6.x before 2016-03-01 **Description** The issue is related to a component of the Qualcomm performance in Android, which has inadequate access control. This allows attackers to gain privileges via a crafted application. **Recommendations** For Android versions 4.x through 4.4.3, update to version 4.4.4 or later. For Android versions 5.x through 5.1.0, update to version 5.1.1 LMY49H or later. For Android versions 6.x before 2016-03-01, update to a version released on or after 2016-03-01.