CVE-2017-7142
published 2017-10-23CVE-2017-7142: An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the "WebKit Storage" component. It allows attackers to…
PriorityP422medium5.3CVSS 3.0
AVNACLPRNUINSUCLINAN
EPSS
0.25%
49.0th percentile
An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the "WebKit Storage" component. It allows attackers to bypass the Safari Private Browsing protection mechanism, and consequently obtain sensitive information about visited web sites.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | safari | <= 10.1.2 | — |
| apple | safari | — | — |
| debian | webkit2gtk | < webkit2gtk 2.18.1-1 (bookworm) | webkit2gtk 2.18.1-1 (bookworm) |
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.3MEDIUM
vendor_debian5.3LOW
Apple
CVE-2017-7142: Safari 11
vendor_apple·2017-09-19·CVSS 5.3
CVE-2017-7142 [MEDIUM] CVE-2017-7142: Safari 11
Apple Security Update: About the security content of Safari 11
Product: Safari
Version: 11
CVE: CVE-2017-7142
Component: WebKit Storage
Impact: Website data may persist after a Safari Private browsing session
Description: An information leakage issue existed in the handling of website data in Safari Private windows. This issue was addressed with improved data handling.
Apple
CVE-2017-7142: iOS 11
vendor_apple·2017-09-19·CVSS 5.3
CVE-2017-7142 [MEDIUM] CVE-2017-7142: iOS 11
Apple Security Update: About the security content of iOS 11
Product: iOS
Version: 11
CVE: CVE-2017-7142
Component: WebKit Storage
Impact: Website data may persist after a Safari Private browsing session
Description: An information leakage issue existed in the handling of website data in Safari Private windows. This issue was addressed with improved data handling.
Debian
CVE-2017-7142: webkit2gtk - An issue was discovered in certain Apple products. Safari before 11 is affected....
vendor_debian·2017·CVSS 5.3
CVE-2017-7142 [MEDIUM] CVE-2017-7142: webkit2gtk - An issue was discovered in certain Apple products. Safari before 11 is affected....
An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the "WebKit Storage" component. It allows attackers to bypass the Safari Private Browsing protection mechanism, and consequently obtain sensitive information about visited web sites.
Scope: local
bookworm: resolved (fixed in 2.18.1-1)
bullseye: resolved (fixed in 2.18.1-1)
forky: resolved (fixed in 2.18.1-1)
sid: resolved (fixed in 2.18.1-1)
trixie: resolved (fixed in 2.18.1-1)
GHSA
GHSA-67gp-7p67-q86p: An issue was discovered in certain Apple products
ghsa_unreviewed·2022-05-17
CVE-2017-7142 [MEDIUM] CWE-200 GHSA-67gp-7p67-q86p: An issue was discovered in certain Apple products
An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the "WebKit Storage" component. It allows attackers to bypass the Safari Private Browsing protection mechanism, and consequently obtain sensitive information about visited web sites.
OSV
CVE-2017-7142: An issue was discovered in certain Apple products
osv·2017-10-23·CVSS 5.3
CVE-2017-7142 [MEDIUM] CVE-2017-7142: An issue was discovered in certain Apple products
An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the "WebKit Storage" component. It allows attackers to bypass the Safari Private Browsing protection mechanism, and consequently obtain sensitive information about visited web sites.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-10-23
Published