First published: Thu Sep 19 2019(Updated: )
WebKit. "Clear History and Website Data" did not fully clear the history. The issue was addressed with improved data deletion.
Credit: Hugo S. Diaz (coldpointblue) Hugo S. Diaz (coldpointblue) product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Mac OS X | <10.15 | |
redhat/webkitgtk | <2.24.0 | 2.24.0 |
Apple iOS | <13 | 13 |
Apple macOS Catalina | <10.15 | 10.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2019-8768 is a vulnerability in WebKit where the 'Clear History and Website Data' feature does not clear the browsing history.
The severity of CVE-2019-8768 is medium, with a CVSS score of 5.3.
CVE-2019-8768 affects macOS Catalina 10.15, but it has been fixed with improved data deletion.
To fix CVE-2019-8768 on macOS Catalina, update to the latest version of macOS Catalina (10.15) that includes the fix.
Yes, CVE-2019-8768 also affects Apple iOS, specifically versions up to (but not including) iOS 13.