PT-2019-19248 · Apple · Swiftnio Ssl

Published

2019-12-18

Updated

2022-05-24

CVE-2019-8849

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SwiftNIO SSL versions prior to 2.4.1

Description The issue allows a SwiftNIO application using TLS to potentially execute arbitrary code. This is due to the requirement of an executable stack, which has been addressed by signaling that it is not required.

Recommendations For versions prior to 2.4.1, update to SwiftNIO SSL 2.4.1 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-8849

GHSA-FRG3-GPCX-968F

Affected Products

Swiftnio Ssl

PT-2019-19248 · Apple · Swiftnio Ssl

CVE-2019-8849

Related Identifiers

Affected Products

References · 8