CVE-2020-29623
Published on: 04/02/2021 12:00:00 AM UTC
Last Modified on: 06/02/2021 01:16:00 PM UTC
Certain versions of Ipados from Apple contain the following vulnerability:
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history.
- CVE-2020-29623 has been assigned by
product-sec[email protected] to track the vulnerability - currently rated as LOW severity.
- Affected Vendor/Software:
Apple - iOS and iPadOS version < 14.3
- Affected Vendor/Software:
Apple - tvOS version < 14.3
- Affected Vendor/Software:
Apple - macOS version < 11.1
CVSS3 Score: 3.3 - LOW
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
LOCAL | LOW | LOW | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | NONE | LOW | NONE |
CVSS2 Score: 2.1 - LOW
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
LOCAL | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
NONE | PARTIAL | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
About the security content of tvOS 14.3 - Apple Support | support.apple.com text/html |
![]() |
About the security content of iOS 14.3 and iPadOS 14.3 - Apple Support | support.apple.com text/html |
![]() |
WebkitGTK+: Multiple vulnerabilities (GLSA 202104-03) — Gentoo security | security.gentoo.org text/html |
![]() |
[SECURITY] Fedora 33 Update: webkit2gtk3-2.32.0-1.fc33 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org text/html |
![]() |
About the security content of macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave - Apple Support | support.apple.com text/html |
![]() |
[SECURITY] Fedora 32 Update: webkit2gtk3-2.30.6-1.fc32 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org text/html |
![]() |
Related QID Numbers
- 159499 Oracle Enterprise Linux Security Update for GNOME (ELSA-2021-4381)
- 174960 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2021:1430-1)
- 174986 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2021:1499-1)
- 178515 Debian Security Update for webkit2gtk (DSA 4877-1)
- 198312 Ubuntu Security Notification for Webkit2gtk Vulnerabilities (USN-4894-1)
- 239811 Red Hat Update for gnome security (RHSA-2021:4381)
- 281404 Fedora Security Update for webkit2gtk3 (FEDORA-2021-619711d709)
- 281405 Fedora Security Update for webkit2gtk3 (FEDORA-2021-864dc37032)
- 281406 Fedora Security Update for webkit2gtk3 (FEDORA-2021-8070916f7a)
- 296067 Oracle Solaris 11.4 Support Repository Update (SRU) 33.94.0 Missing (CPUAPR2021)
- 355438 Amazon Linux Security Advisory for webkitgtk4 : ALAS2-2023-2088
- 501711 Alpine Linux Security Update for webkit2gtk
- 501939 Alpine Linux Security Update for webkit2gtk
- 710013 Gentoo Linux WebkitGTK+ Multiple Vulnerabilities (GLSA 202104-03)
- 750239 OpenSUSE Security Update for webkit2gtk3 (openSUSE-SU-2021:0637-1)
- 750655 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2021:1990-1)
- 751623 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:0142-1)
- 751646 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:0183-1)
- 751648 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:0182-1)
- 751659 OpenSUSE Security Update for webkit2gtk3 (openSUSE-SU-2022:0182-1)
- 751755 OpenSUSE Security Update for webkit2gtk3 (openSUSE-SU-2022:0182-2)
- 940070 AlmaLinux Security Update for GNOME (ALSA-2021:4381)
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Apple | Ipados | All | All | All | All |
Operating System | Apple | Iphone Os | All | All | All | All |
Operating System | Apple | Macos | All | All | All | All |
Operating System | Apple | Mac Os X | All | All | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | - | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | security_update_2019-001 | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | security_update_2019-002 | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | security_update_2019-006 | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | security_update_2019-007 | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-001 | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-002 | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-003 | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-004 | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-005 | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-006 | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | supplemental_update | All | All |
Operating System | Apple | Mac Os X | 10.14.6 | supplemental_update_2 | All | All |
Operating System | Apple | Mac Os X | 10.15.7 | - | All | All |
Operating System | Apple | Mac Os X | 10.15.7 | supplemental_update | All | All |
Operating System | Apple | Tvos | All | All | All | All |
Operating System | Fedoraproject | Fedora | 32 | All | All | All |
Operating System | Fedoraproject | Fedora | 33 | All | All | All |
Application | Webkitgtk | Webkitgtk | All | All | All | All |
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*:
- cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*:
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*:
- cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*:
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*:
- cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
CVE-2020-29623 : "Clear History and Website Data" did not clear the history. The issue was addressed with improved… twitter.com/i/web/status/1… | 2021-04-02 18:23:27 |