First published: Tue Mar 24 2020(Updated: )
WebKit. A type confusion issue was addressed with improved memory handling.
Credit: Brendan Draper @6r3nd4n Trend MicroBrendan Draper @6r3nd4n Trend MicroBrendan Draper @6r3nd4n Trend MicroBrendan Draper @6r3nd4n Trend MicroBrendan Draper @6r3nd4n Trend MicroBrendan Draper @6r3nd4n Trend MicroBrendan Draper @6r3nd4n Trend Micro product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple This document describes the security content of tvOS | <13.4 | 13.4 |
Apple iCloud for Windows | <7.18 | 7.18 |
Apple Safari | <13.1 | 13.1 |
Apple iCloud for Windows | <10.9.3 | 10.9.3 |
Apple iTunes for Windows | <12.10.5 | 12.10.5 |
Apple watchOS | <6.2 | 6.2 |
Apple iOS | <13.4 | 13.4 |
Apple iPadOS | <13.4 | 13.4 |
redhat/webkitgtk | <2.28.0 | 2.28.0 |
Apple Icloud Windows | <7.18 | |
Apple Icloud Windows | >=10.0.0<10.9.3 | |
Apple Itunes Windows | <12.10.5 | |
Apple Safari | <13.1 | |
Apple Ipad Os | <13.4 | |
Apple iPhone OS | <13.4 | |
Apple tvOS | <13.4 | |
Apple watchOS | <6.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2020-3897 is a type confusion issue in WebKit that was addressed with improved memory handling.
The affected software versions include Safari 13.1, iOS up to 13.4, iPadOS up to 13.4, watchOS up to 6.2, iCloud for Windows up to 7.18, iTunes for Windows up to 12.10.5, iCloud for Windows up to 10.9.3, and tvOS up to 13.4.
To fix the CVE-2020-3897 vulnerability, it is recommended to update the affected software to the latest version provided by Apple.
You can find more information about CVE-2020-3897 on the Apple support page at the following references: [reference 1](https://support.apple.com/en-us/HT211103), [reference 2](https://support.apple.com/en-us/HT211104), [reference 3](https://support.apple.com/en-us/HT211102).