CVE-2017-7142: Infoleak
WebKit Storage. An information leakage issue existed in the handling of website data in Safari Private windows. This issue was addressed with improved data handling.
Other sources
An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the "WebKit Storage" component. It allows attackers to bypass the Safari Private Browsing protection mechanism, and consequently obtain sensitive information about visited web sites.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2017-13832
- CVE-2017-13863
- CVE-2017-7131
- CVE-2017-13829
- CVE-2017-13833
- CVE-2017-7083
- CVE-2017-13821
- CVE-2017-0381
- CVE-2017-13825
- CVE-2017-7088
- CVE-2017-13815
- CVE-2017-13828
- CVE-2017-11103
- CVE-2017-13830
- CVE-2017-7072
- CVE-2017-13814
- CVE-2017-13831
- CVE-2017-7114
- CVE-2017-13817
- CVE-2017-13818
- CVE-2017-13836
- CVE-2017-13841
- CVE-2017-13840
- CVE-2017-13842
- CVE-2017-13843
- CVE-2017-13854
- CVE-2017-13834
- CVE-2017-13873
- CVE-2017-7140
- CVE-2017-13813
- CVE-2017-13816
- CVE-2017-13812
- CVE-2017-7086
- CVE-2017-1000373
- CVE-2016-9063
- CVE-2017-9233
- CVE-2017-7376
- CVE-2017-5130
- CVE-2017-9050
- CVE-2017-9049
- CVE-2018-4302
- CVE-2017-7148
- CVE-2017-7078
- CVE-2017-7097
- CVE-2017-7118
- CVE-2017-7133
- CVE-2017-7075
- CVE-2017-7139
- CVE-2017-13806
- CVE-2017-13822
- CVE-2017-7132
- CVE-2017-7085
- CVE-2017-13877
- CVE-2017-7080
- CVE-2017-7146
- CVE-2017-10989
- CVE-2017-7128
- CVE-2017-7129
- CVE-2017-7130
- CVE-2017-7127
- CVE-2017-6211
- CVE-2017-7145
- CVE-2017-7081
- CVE-2017-7087
- CVE-2017-7091
- CVE-2017-7092
- CVE-2017-7093
- CVE-2017-7094
- CVE-2017-7095
- CVE-2017-7096
- CVE-2017-7098
- CVE-2017-7099
- CVE-2017-7100
- CVE-2017-7102
- CVE-2017-7104
- CVE-2017-7107
- CVE-2017-7111
- CVE-2017-7117
- CVE-2017-7120
- CVE-2017-7089
- CVE-2017-7090
- CVE-2017-7106
- CVE-2017-7109
- CVE-2017-7144
- CVE-2017-7142
- CVE-2017-11120
- CVE-2017-11121
- CVE-2017-7103
- CVE-2017-7105
- CVE-2017-7108
- CVE-2017-7110
- CVE-2017-7112
- CVE-2017-7115
- CVE-2017-7116
- CVE-2017-11122
- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
Frequently Asked Questions
What is CVE-2017-7142?
CVE-2017-7142 is a vulnerability in Safari before version 11 that allows attackers to bypass the Safari Private Browsing protection mechanism and obtain sensitive information about visited websites.
Which products are affected by CVE-2017-7142?
Safari before version 11 and Apple iOS before version 11 are affected by CVE-2017-7142.
What is the severity of CVE-2017-7142?
The severity of CVE-2017-7142 is medium with a CVSS score of 5.3.
How can I fix CVE-2017-7142?
To fix CVE-2017-7142, it is recommended to update Safari to version 11 or later and Apple iOS to version 11 or later.
Where can I find more information about CVE-2017-7142?
You can find more information about CVE-2017-7142 on the following references: [SecurityFocus](http://www.securityfocus.com/bid/100996), [SecurityTracker](http://www.securitytracker.com/id/1039384), [Apple Support](https://support.apple.com/HT208116).