PT-2019-19248 · Apple · Swiftnio Ssl

Publicado

2019-12-18

Atualizado

2022-05-24

CVE-2019-8849

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SwiftNIO SSL versions prior to 2.4.1

Description The issue allows a SwiftNIO application using TLS to potentially execute arbitrary code. This is due to the requirement of an executable stack, which has been addressed by signaling that it is not required.

Recommendations For versions prior to 2.4.1, update to SwiftNIO SSL 2.4.1 to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2019-8849

GHSA-FRG3-GPCX-968F

Produtos afetados

Swiftnio Ssl

PT-2019-19248 · Apple · Swiftnio Ssl

CVE-2019-8849

Identificadores relacionados

Produtos afetados

Referências · 8