CVE-2020-9857Apple Macos vulnerability

2 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 51.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple MAC OS X
Timeline
PublishedOct 27
Latest updateMay 24

Description

An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra. A malicious website may be able to exfiltrate autofilled data in Safari.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5apple/macosunspecified10.15
NVDapple/mac_os_x< 10.15.5

🔴Vulnerability Details

1
GHSA
GHSA-7v67-67cj-7535: An issue existed in the parsing of URLs2022-05-24
CVE-2020-9857 — Apple Macos vulnerability | cvebase