CVE-2020-9915
Summary
| CVE | CVE-2020-9915 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-10-16 17:15:00 UTC |
| Updated | 2023-01-09 16:41:00 UTC |
| Description | An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apple | Icloud | All | All | All | All |
| Application | Apple | Icloud | All | All | All | All |
| Operating System | Apple | Ipados | All | All | All | All |
| Operating System | Apple | Ipad Os | All | All | All | All |
| Operating System | Apple | Ipad Os | All | All | All | All |
| Operating System | Apple | Iphone Os | All | All | All | All |
| Operating System | Apple | Iphone Os | All | All | All | All |
| Application | Apple | Itunes | All | All | All | All |
| Application | Apple | Itunes | All | All | All | All |
| Application | Apple | Safari | All | All | All | All |
| Application | Apple | Safari | All | All | All | All |
| Operating System | Apple | Tvos | All | All | All | All |
| Operating System | Apple | Tvos | All | All | All | All |
| Operating System | Apple | Watchos | All | All | All | All |
| Operating System | Apple | Watchos | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| About the security content of watchOS 6.2.8 - Apple Support | MISC | support.apple.com | Release Notes, Vendor Advisory |
| About the security content of Safari 13.1.2 - Apple Support | MISC | support.apple.com | Release Notes, Vendor Advisory |
| About the security content of iCloud for Windows 11.3 - Apple Support | MISC | support.apple.com | Release Notes, Vendor Advisory |
| About the security content of iCloud for Windows 7.20 - Apple Support | MISC | support.apple.com | Release Notes, Vendor Advisory |
| About the security content of iTunes 12.10.8 for Windows - Apple Support | MISC | support.apple.com | Release Notes, Vendor Advisory |
| About the security content of tvOS 13.4.8 - Apple Support | MISC | support.apple.com | Release Notes, Vendor Advisory |
| About the security content of iOS 13.6 and iPadOS 13.6 - Apple Support | MISC | support.apple.com | Release Notes, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 501293 Alpine Linux Security Update for webkit2gtk
- 505514 Alpine Linux Security Update for webkit2gtk
- 770068 Red Hat OpenShift Container Platform 4.6 Security Update (RHSA-2021:0436)
- 940362 AlmaLinux Security Update for GNOME (ALSA-2020:4451)
- 960761 Rocky Linux Security Update for GNOME (RLSA-2020:4451)