PT-2020-17745 · Apple · Safari

Ryan Pickren

Published

2020-10-27

Updated

2021-07-21

CVE-2020-3852

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Safari versions prior to 13.0.5

Description A logic issue was addressed with improved validation. The issue involves a URL scheme that may be incorrectly ignored when determining multimedia permission for a website.

Recommendations For versions prior to 13.0.5, update to Safari 13.0.5 to resolve the issue.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2020-3852

Affected Products

Safari

PT-2020-17745 · Apple · Safari

CVE-2020-3852

Weakness Enumeration

Related Identifiers

Affected Products

References · 3