CVE-2020-3852: Medium severity safari vulnerability

Q: What is CVE-2020-3852?

CVE-2020-3852 is a vulnerability in Safari that involves a logic issue that has been addressed with improved validation.

Q: How does CVE-2020-3852 impact Safari?

CVE-2020-3852 can potentially affect Safari users as it is a vulnerability in the browser's logic.

Q: Which version of Apple Safari is affected by CVE-2020-3852?

Versions up to but excluding 13.0.5 of Apple Safari are affected by CVE-2020-3852.

Q: How can I fix CVE-2020-3852?

To fix CVE-2020-3852, update your Apple Safari version to 13.0.5 or later.

Q: Where can I find more information about CVE-2020-3852?

You can find more information about CVE-2020-3852 on the Apple support website.

Published Jan 28, 2020

Updated

A logic issue was addressed with improved validation. This issue is fixed in Safari 13.0.5. A URL scheme may be incorrectly ignored when determining multimedia permission for a website.

Other sources

Safari. A logic issue was addressed with improved validation.

Credit

Ryan Pickren (ryanpickren.com)

Affected Software

2 affected componentsFixes available

Safari<13.0.5

13.0.5

Safari<13.0.5

Event History

Oct 27, 2020

CVE Published

via MITRE·08:09 PM

Data Sourced

via MITRE·08:09 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT210922

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is CVE-2020-3852?

CVE-2020-3852 is a vulnerability in Safari that involves a logic issue that has been addressed with improved validation.

How does CVE-2020-3852 impact Safari?