vulnerability

OS X update for NSURL (CVE-2020-9857)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	May 27, 2020	May 27, 2020	Apr 5, 2021

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

May 27, 2020

Added

May 27, 2020

Modified

Apr 5, 2021

Description

An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra. A malicious website may be able to exfiltrate autofilled data in Safari.

Solution

apple-osx-security-update-2020-003-mojave

References

CVE-2020-9857
https://attackerkb.com/topics/CVE-2020-9857
URL-https://support.apple.com/kb/HT211170

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today