First published: Thu Nov 12 2020(Updated: )
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, Safari 14.0.1. Visiting a malicious website may lead to address bar spoofing.
Credit: Narendra Bhati @imnarendrabhati Suma Soft Pvt product-security@apple.com Narendra Bhati @imnarendrabhati Suma Soft Pvt
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Safari | <14.0.1 | 14.0.1 |
Apple macOS Big Sur | <11.0.1 | 11.0.1 |
Apple Safari | <14.0.1 | |
Apple Mac OS X | <11.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2020-9945 is a vulnerability in Safari that allows for URL spoofing.
CVE-2020-9945 affects Safari by allowing attackers to spoof URLs.
The severity of CVE-2020-9945 is not specified.
To fix CVE-2020-9945, update Safari to version 14.0.1 or macOS Big Sur to version 11.0.1.
You can find more information about CVE-2020-9945 on the Apple support website: [https://support.apple.com/en-us/HT211934](https://support.apple.com/en-us/HT211934) and [https://support.apple.com/en-us/HT211931](https://support.apple.com/en-us/HT211931).