CVE-2019-6229: XSS
First published: Tue Jan 22 2019(Updated: )
WebKit. A logic issue was addressed with improved validation.
Credit: Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Safari | <12.0.3 | 12.0.3 |
| Apple iCloud for Windows | <7.10 | 7.10 |
| Apple iTunes for Windows | <12.9.3 | 12.9.3 |
| Apple tvOS | <12.1.2 | 12.1.2 |
| Apple iOS | <12.1.3 | 12.1.3 |
| Apple Safari | <12.0.3 | |
| Apple iPhone OS | <12.1.3 | |
| Apple tvOS | <12.1.2 | |
| Apple iCloud | <7.10 | |
| Apple iTunes | <12.9.3 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT209443 (Advisory)
- https://support.apple.com/en-us/HT209447 (Advisory)
- https://support.apple.com/en-us/HT209449 (Advisory)
- https://support.apple.com/en-us/HT209450 (Advisory)
- https://support.apple.com/en-us/HT209451 (Advisory)
- http://www.securityfocus.com/bid/106691
- https://security.gentoo.org/glsa/201903-12
- https://support.apple.com/HT209443
- https://support.apple.com/HT209447
- https://support.apple.com/HT209449
- https://support.apple.com/HT209450
- https://support.apple.com/HT209451
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-6228
- CVE-2019-6215
- CVE-2019-6212
- CVE-2019-6216
- CVE-2019-6217
- CVE-2019-6226
- CVE-2019-6227
- CVE-2019-6233
- CVE-2019-6234
- CVE-2019-6229
- CVE-2019-8570
- CVE-2018-20346
- CVE-2018-20505
- CVE-2018-20506
- CVE-2019-6235
- CVE-2019-6221
- CVE-2019-6231
- CVE-2019-6230
- CVE-2019-6224
- CVE-2019-6214
- CVE-2019-6225
- CVE-2019-6210
- CVE-2019-6205
- CVE-2019-6213
- CVE-2019-6209
- CVE-2019-6208
- CVE-2019-6218
- CVE-2019-6200
- CVE-2019-6202
- CVE-2019-6206
- CVE-2019-6219
- CVE-2019-6211
Frequently Asked Questions
What is CVE-2019-6229?
CVE-2019-6229 is a vulnerability in WebKit that allows for universal cross-site scripting through malicious web content.
Which software versions are affected by CVE-2019-6229?
CVE-2019-6229 affects iOS versions up to 12.1.3, tvOS versions up to 12.1.2, Safari versions up to 12.0.3, iTunes for Windows versions up to 12.9.3, and iCloud for Windows versions up to 7.10.
What is the severity of CVE-2019-6229?
CVE-2019-6229 has a severity rating of medium.
How can I fix the CVE-2019-6229 vulnerability?
To fix the CVE-2019-6229 vulnerability, update your iOS to version 12.1.3, update your tvOS to version 12.1.2, update your Safari to version 12.0.3, update your iTunes for Windows to version 12.9.3, and update your iCloud for Windows to version 7.10.
Where can I find more information about CVE-2019-6229?
For more information about CVE-2019-6229, you can refer to the following sources: SecurityFocus (http://www.securityfocus.com/bid/106691) and Apple Support (https://support.apple.com/HT209443).
- collector/apple-support
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/software-canonical-lookup-request
- agent/event
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/tags
- agent/description
- collector/nvd-index
- vendor/apple
- canonical/apple safari
- canonical/apple icloud for windows
- canonical/apple itunes for windows
- canonical/apple tvos
- canonical/apple ios
- canonical/apple iphone os
- canonical/apple icloud
- canonical/apple itunes
- vendor/microsoft
- canonical/microsoft windows