← back
CVE-2015-3754

CVE-2015-3754

EPSS 1.9%
The private-browsing implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8 does not prevent caching of HTTP authentication credentials, which makes it easier for remote attackers to track users via a crafted web site.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.htmlhttp://lists.opensuse.org/opensuse-updates/2016-03/msg00054.htmlhttps://support.apple.com/kb/HT205033http://www.securityfocus.com/bid/76339http://www.securitytracker.com/id/1033274