vulnerability

OS X update for PDFKit (CVE-2019-8772)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Oct 8, 2019	Oct 8, 2019	Dec 6, 2022

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Oct 8, 2019

Added

Oct 8, 2019

Modified

Dec 6, 2022

Description

An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. This issue is fixed in macOS Catalina 10.15. An attacker may be able to exfiltrate the contents of an encrypted PDF.

Solution(s)

apple-osx-security-update-2019-001-mojaveapple-osx-security-update-2019-006-high-sierraapple-osx-upgrade-10_15

References

CVE-2019-8772
https://attackerkb.com/topics/CVE-2019-8772
URL-https://support.apple.com/kb/HT210634
URL-https://support.apple.com/kb/HT210722

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today