CVE-2012-0647Sensitive Information Exposure in Apple Safari

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 48.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Safari
Timeline
PublishedMar 12
Latest updateMay 14

Description

WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapple/safari5.1.3+72

🔴Vulnerability Details

2
GHSA
GHSA-7m66-wm6w-jfmf: WebKit in Apple Safari before 52022-05-14
OSV
CVE-2012-0647: WebKit in Apple Safari before 52012-03-12