CVE-2019-8768Incomplete Cleanup in Apple Macos

CWE-459Incomplete CleanupCWE-200Sensitive Information Exposure8 documents7 sources
Severity
5.3MEDIUMNVD
EPSS
0.5%
top 33.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple MacosApple MAC OS XDebian Webkit2gtk+2 more
Timeline
PublishedDec 18
Latest updateMay 24

Description

"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages5 packages

CVEListV5apple/macosunspecifiedmacOS Catalina 10.15
NVDapple/mac_os_x< 10.15
debiandebian/webkit2gtk< webkit2gtk 2.24.0-1 (bookworm)
Appleapple/ios13

🔴Vulnerability Details

2
GHSA
GHSA-xc3m-grrh-hxmp: "Clear History and Website Data" did not clear the history2022-05-24
OSV
CVE-2019-8768: "Clear History and Website Data" did not clear the history2019-12-18

📋Vendor Advisories

4
Red Hat
webkitgtk: Browsing history could not be deleted2019-10-29
Apple
CVE-2019-8768: macOS Catalina 10.152019-10-07
Apple
CVE-2019-8768: iOS 132019-09-19
Debian
CVE-2019-8768: webkit2gtk - "Clear History and Website Data" did not clear the history. The issue was addres...2019

💬Community

1
Bugzilla
CVE-2019-8768 webkitgtk: Browsing history could not be deleted2020-09-07