CVE-2020-9775: Medium severity macos catalina vulnerability

Q: What is the vulnerability ID for this issue in Safari?

The vulnerability ID for this issue in Safari is CVE-2020-9775.

Q: What is the affected software for this vulnerability?

The affected software includes macOS Catalina, Apple Mojave, Apple High Sierra, Apple iOS, and Apple iPadOS.

Q: What version of macOS Catalina is affected?

Versions up to and excluding 10.15.4 of macOS Catalina are affected.

Q: What version of iOS is affected?

Versions up to and excluding 13.4 of iOS are affected.

Q: How can I fix this vulnerability?

To fix this vulnerability, update to the latest version of the affected software.

Published Mar 24, 2020

Updated

An issue existed in the handling of tabs displaying picture in picture video. The issue was corrected with improved state handling. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user's private browsing activity may be unexpectedly saved in Screen Time.

Other sources

Safari. An issue existed in the handling of tabs displaying picture in picture video. The issue was corrected with improved state handling.

Credit

Andrian@@retroplasma, Marat Turaev, Marek Wawro (futurefinance.com), Sambor Wawro(STO64 School Krakow Poland)

Affected Software

8 affected componentsFixes available

Apple macOS Catalina<10.15.4

10.15.4

Apple Mojave

Apple High Sierra

Apple iOS<13.4

13.4

Apple iPadOS<13.4

13.4

Apple iPadOS<13.4

Apple iPhone OS<13.4

Apple iOS and macOS>=10.15<10.15.4

Event History

Apr 1, 2020

CVE Published

via MITRE·05:55 PM

Data Sourced

via MITRE·05:55 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the vulnerability ID for this issue in Safari?

The vulnerability ID for this issue in Safari is CVE-2020-9775.

What is the affected software for this vulnerability?