CVE-2020-9993

Опубликовано: 08 дек. 2020

Источник: nvd

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Visiting a malicious website may lead to address bar spoofing.

Ссылки

https://support.apple.com/en-us/HT211844
Vendor Advisory
https://support.apple.com/en-us/HT211845
Vendor Advisory
https://support.apple.com/en-us/HT211850
Vendor Advisory
https://support.apple.com/en-us/HT211844
Vendor Advisory
https://support.apple.com/en-us/HT211845
Vendor Advisory
https://support.apple.com/en-us/HT211850
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apple:safari:14.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Версия до 14.0 (исключая)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 14.0 (исключая)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Версия до 7.0 (исключая)

EPSS

Процентиль: 48%

0.00247

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-1021

Связанные уязвимости

GHSA-f6p3-gc9f-3r6w

CVSS3: 4.3

github

больше 3 лет назад

The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Visiting a malicious website may lead to address bar spoofing.

EPSS

Процентиль: 48%

0.00247

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-1021