CVE-2019-8769 — Sensitive Information Exposure in Apple Macos

CWE-200 — Sensitive Information Exposure10 documents9 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 64.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS Apple Macos Apple Ipados +2 more

Timeline

PublishedDec 18

Latest updateMay 24

Description

An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages5 packages

▶CVEListV5apple/macosunspecified — macOS Catalina 10.15

▶NVDapple/ipados< 13.1

▶NVDapple/mac_os_x< 10.15

▶CVEListV5apple/iosunspecified — iOS 13.1 and iPadOS 13.1

▶NVDapple/iphone_os< 13.1

🔴Vulnerability Details

GHSA

GHSA-x3pj-hqmh-9r9q: An issue existed in the drawing of web page elements↗2022-05-24

▶

OSV

CVE-2019-8769: An issue existed in the drawing of web page elements↗2019-12-18

▶

CVEList

CVE-2019-8769: An issue existed in the drawing of web page elements↗2019-12-18

▶

📋Vendor Advisories

Ubuntu

WebKitGTK+ vulnerabilities↗2019-11-07

▶

Red Hat

webkitgtk: Websites could reveal browsing history↗2019-10-29

▶

Apple

CVE-2019-8769: macOS Catalina 10.15↗2019-10-07

▶

Apple

CVE-2019-8769: iOS 13.1 and iPadOS 13.1↗2019-09-24

▶

Debian

CVE-2019-8769: webkit2gtk - An issue existed in the drawing of web page elements. The issue was addressed wi...↗2019

▶

💬Community

Bugzilla

CVE-2019-8769 webkitgtk: Websites could reveal browsing history↗2020-09-07

▶