A trust issue was addressed by removing a legacy API. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0. An attacker may be able to misuse a trust relationship to download malicious content.
http://seclists.org/fulldisclosure/2020/Nov/19
http://seclists.org/fulldisclosure/2020/Nov/20