Описание
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, Safari 14.0.1. Visiting a malicious website may lead to address bar spoofing.
Ссылки
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 14.0.1 (исключая)Версия до 11.0.1 (исключая)
Одно из
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.0034
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-1021
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, Safari 14.0.1. Visiting a malicious website may lead to address bar spoofing.
EPSS
Процентиль: 56%
0.0034
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-1021