CVE-2019-8772

EUVD-2019-18162
An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. This issue is fixed in macOS Catalina 10.15. An attacker may be able to exfiltrate the contents of an encrypted PDF.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
Affected Products (NVD)
VendorProductVersion
applemac_os_x
𝑥
< 10.15
𝑥
= Vulnerable software versions
References
https://support.apple.com/HT210634
https://support.apple.com/kb/HT210722
https://support.apple.com/HT210634
https://support.apple.com/kb/HT210722