CVE-2019-6229: XSS
First published: Tue Jan 22 2019(Updated: )
WebKit. A logic issue was addressed with improved validation.
Credit: Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) product-security@apple.com product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| tvOS | <12.1.2 | 12.1.2 |
| Apple iCloud | <7.10 | 7.10 |
| iTunes | <12.9.3 | 12.9.3 |
| Safari | <12.0.3 | 12.0.3 |
| Apple iOS and iPadOS | <12.1.3 | 12.1.3 |
| Safari | <12.0.3 | |
| iPhone OS | <12.1.3 | |
| tvOS | <12.1.2 | |
| All of | ||
| Any of | ||
| iCloud | <7.10 | |
| iTunes | <12.9.3 | |
| Microsoft Windows Operating System | ||
| iCloud | <7.10 | |
| iTunes | <12.9.3 | |
| Microsoft Windows Operating System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT209443 (Advisory)
- https://support.apple.com/en-us/HT209447 (Advisory)
- https://support.apple.com/en-us/HT209449 (Advisory)
- https://support.apple.com/en-us/HT209450 (Advisory)
- https://support.apple.com/en-us/HT209451 (Advisory)
- http://www.securityfocus.com/bid/106691
- https://security.gentoo.org/glsa/201903-12
- https://support.apple.com/HT209443
- https://support.apple.com/HT209447
- https://support.apple.com/HT209449
- https://support.apple.com/HT209450
- https://support.apple.com/HT209451
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-6235
- CVE-2019-6231
- CVE-2019-6230
- CVE-2019-6224
- CVE-2019-6214
- CVE-2019-6225
- CVE-2019-6210
- CVE-2019-6205
- CVE-2019-6213
- CVE-2019-6209
- CVE-2019-6208
- CVE-2019-6218
- CVE-2018-20346
- CVE-2018-20505
- CVE-2018-20506
- CVE-2019-6227
- CVE-2019-6233
- CVE-2019-6234
- CVE-2019-6229
- CVE-2019-6215
- CVE-2019-6212
- CVE-2019-6216
- CVE-2019-6217
- CVE-2019-6226
- CVE-2019-8570
- CVE-2019-6221
- CVE-2019-6228
- CVE-2019-6200
- CVE-2019-6202
- CVE-2019-6206
- CVE-2019-6219
- CVE-2019-6211
Frequently Asked Questions
What is CVE-2019-6229?
CVE-2019-6229 is a vulnerability in WebKit that allows for universal cross-site scripting through malicious web content.
Which software versions are affected by CVE-2019-6229?
CVE-2019-6229 affects iOS versions up to 12.1.3, tvOS versions up to 12.1.2, Safari versions up to 12.0.3, iTunes for Windows versions up to 12.9.3, and iCloud for Windows versions up to 7.10.
What is the severity of CVE-2019-6229?
CVE-2019-6229 has a severity rating of medium.
How can I fix the CVE-2019-6229 vulnerability?
To fix the CVE-2019-6229 vulnerability, update your iOS to version 12.1.3, update your tvOS to version 12.1.2, update your Safari to version 12.0.3, update your iTunes for Windows to version 12.9.3, and update your iCloud for Windows to version 7.10.
Where can I find more information about CVE-2019-6229?
For more information about CVE-2019-6229, you can refer to the following sources: SecurityFocus (http://www.securityfocus.com/bid/106691) and Apple Support (https://support.apple.com/HT209443).
- agent/type
- agent/first-publish-date
- agent/severity
- agent/references
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/event
- agent/trending
- agent/source
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/apple
- canonical/tvos
- canonical/apple icloud
- canonical/itunes
- canonical/safari
- canonical/apple ios and ipados
- canonical/iphone os
- canonical/icloud
- vendor/microsoft
- canonical/microsoft windows operating system