CVE-2020-9912
First published: Wed Jul 15 2020(Updated: )
A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode.
Credit: product-security@apple.com Nikhil Mittal @c0d3G33k Payatu Labs
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Safari | <13.1.2 | |
| Apple Safari | <13.1.2 | 13.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID for this Safari Downloads issue?
The vulnerability ID for this issue is CVE-2020-9912.
What is the title of this vulnerability?
The title of this vulnerability is Safari Downloads. A logic issue was addressed with improved restrictions.
What software is affected by this vulnerability?
The Safari Downloads vulnerability affects the Apple Safari browser.
What is the severity of CVE-2020-9912?
The severity of CVE-2020-9912 is not specified in the provided information.
How do I fix the Safari Downloads vulnerability?
To fix the Safari Downloads vulnerability, update your Safari browser to version 13.1.2 or later. You can find the update instructions on the official Apple support page.
- collector/nvd-index
- collector/apple-support
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/references
- agent/severity
- agent/tags
- agent/description
- agent/event
- agent/trending
- vendor/apple
- canonical/apple safari