CVE-2020-9912: Low severity safari vulnerability

Q: What is the vulnerability ID for this Safari Downloads issue?

The vulnerability ID for this issue is CVE-2020-9912.

Q: What is the title of this vulnerability?

The title of this vulnerability is Safari Downloads. A logic issue was addressed with improved restrictions.

Q: What software is affected by this vulnerability?

The Safari Downloads vulnerability affects the Apple Safari browser.

Q: What is the severity of CVE-2020-9912?

The severity of CVE-2020-9912 is not specified in the provided information.

Q: How do I fix the Safari Downloads vulnerability?

To fix the Safari Downloads vulnerability, update your Safari browser to version 13.1.2 or later. You can find the update instructions on the official Apple support page.

Published Jul 15, 2020

Updated

A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode.

Other sources

Safari Downloads. A logic issue was addressed with improved restrictions.

Credit

Nikhil Mittal@@c0d3G33k(Payatu Labs)

Affected Software

2 affected componentsFixes available

Safari<13.1.2

13.1.2

Safari<13.1.2

Event History

Oct 16, 2020

CVE Published

via MITRE·04:45 PM

Data Sourced

via MITRE·04:45 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT211292

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the vulnerability ID for this Safari Downloads issue?

The vulnerability ID for this issue is CVE-2020-9912.

What is the title of this vulnerability?