PT-2020-11335 · Apple · Safari+4

Michael Kleber

Published

2020-10-27

Updated

2021-07-21

CVE-2019-8898

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions iOS versions prior to 13.3 iPadOS versions prior to 13.3 tvOS versions prior to 13.3 Safari versions prior to 13.0.4 iTunes versions prior to 12.10.3 for Windows

Description An information disclosure issue existed in the handling of the Storage Access API, which could reveal sites a user has visited when visiting a maliciously crafted website. This issue was addressed with improved logic.

Recommendations For iOS versions prior to 13.3, update to iOS 13.3 or later. For iPadOS versions prior to 13.3, update to iPadOS 13.3 or later. For tvOS versions prior to 13.3, update to tvOS 13.3 or later. For Safari versions prior to 13.0.4, update to Safari 13.0.4 or later. For iTunes versions prior to 12.10.3 for Windows, update to iTunes 12.10.3 for Windows or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-8898

Affected Products

Safari

Ios

Ipados

Itunes

Tvos

PT-2020-11335 · Apple · Safari+4

CVE-2019-8898

Related Identifiers

Affected Products

References · 6