CVE-2021-33595

3 documents3 sources
Severity
3.5LOW
EPSS
0.3%
top 46.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
F-secure F-secure Mobile SecurityF-secure Safe
Timeline
PublishedAug 11
Latest updateMay 24

Description

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address bar spoofing attack.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:NExploitability: 2.1 | Impact: 1.4

Affected Packages2 packages

NVDf-secure/safe< 18.4.272901
CVEListV5f-secure/f-secure_mobile_security18.4x18.3x*

🔴Vulnerability Details

2
GHSA
GHSA-9crg-g7r6-784v: A address bar spoofing vulnerability was discovered in Safe Browser for iOS2022-05-24
CVEList
F-Secure Safe browser for iOS vulnerable to Address Bar Spoofing2021-08-11
CVE-2021-33595 (LOW CVSS 3.5) | A address bar spoofing vulnerabilit | cvebase.io