CVE-2020-9915

Name of the Vulnerable Software and Affected Versions iOS versions prior to 13.6 iPadOS versions prior to 13.6 tvOS versions prior to 13.4.8 watchOS versions prior to 6.2.8 Safari versions prior to 13.1.2 iTunes versions prior to 12.10.8 for Windows iCloud for Windows versions prior to 11.3 iCloud for Windows versions prior to 7.20

Description The issue is related to an access problem in the Content Security Policy, which can be exploited by processing maliciously crafted web content, preventing the Content Security Policy from being enforced. This is due to unsafe privilege management in the WebKit browser module used by Apple Safari and various Apple operating systems.

Recommendations For iOS versions prior to 13.6, update to version 13.6 or later. For iPadOS versions prior to 13.6, update to version 13.6 or later. For tvOS versions prior to 13.4.8, update to version 13.4.8 or later. For watchOS versions prior to 6.2.8, update to version 6.2.8 or later. For Safari versions prior to 13.1.2, update to version 13.1.2 or later. For iTunes versions prior to 12.10.8 for Windows, update to version 12.10.8 or later. For iCloud for Windows versions prior to 11.3, update to version 11.3 or later. For iCloud for Windows versions prior to 7.20, update to version 7.20 or later.