Описание
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.1.2 (включая)Версия до 10.3.3 (включая)
Одно из
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00446
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-275
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling.
EPSS
Процентиль: 63%
0.00446
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-275