PT-2020-20810 · Apple · Safari+1

Dlive

Published

2020-10-27

Updated

2020-10-29

CVE-2020-9857

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.15.5 Security Update versions prior to 2020-003 Mojave Security Update versions prior to 2020-003 High Sierra

Description The issue existed in the parsing of URLs, which could allow a malicious website to exfiltrate autofilled data in Safari. This was addressed with improved input validation.

Recommendations For macOS versions prior to 10.15.5, update to macOS Catalina 10.15.5. For Security Update versions prior to 2020-003 Mojave, apply Security Update 2020-003 Mojave. For Security Update versions prior to 2020-003 High Sierra, apply Security Update 2020-003 High Sierra.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-9857

Affected Products

Safari

Apple Macos

PT-2020-20810 · Apple · Safari+1

CVE-2020-9857

Related Identifiers

Affected Products

References · 3