vulnerability

Apple Safari security update for CVE-2017-7006

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:N/AC:H/Au:N/C:P/I:N/A:N)	Jul 19, 2017	Jul 19, 2017	Aug 11, 2025

Severity

CVSS

(AV:N/AC:H/Au:N/C:P/I:N/A:N)

Published

Jul 19, 2017

Added

Jul 19, 2017

Modified

Aug 11, 2025

Description

Processing maliciously crafted web content may allow cross-origin data to be exfiltrated by using SVG filters to conduct a timing side-channel attack. This issue was addressed by not painting the cross-origin buffer into the frame that gets filtered.

Solutions

apple-safari-upgrade-10_1_2apple-safari-windows-uninstall

References

CVE-2017-7006
https://attackerkb.com/topics/CVE-2017-7006
CWE-203
URL-http://support.apple.com/kb/HT207921

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today