CVE-2020-9915

An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

Affected Software

Name	Vendor	Start Version	End Version
Icloud	Apple	*	7.20 (excluding)
Icloud	Apple	11.0 (including)	11.3 (excluding)
Itunes	Apple	*	12.10.8 (excluding)
Safari	Apple	*	13.1.2 (excluding)
Ipados	Apple	*	13.6 (excluding)
Iphone_os	Apple	*	13.6 (excluding)
Tvos	Apple	*	13.4.8 (excluding)
Watchos	Apple	*	6.2.8 (excluding)
Red Hat Enterprise Linux 7 Extended Lifecycle Support	RedHat	webkitgtk4-0:2.48.3-2.el7_9	*
Red Hat Enterprise Linux 8	RedHat	webkit2gtk3-0:2.28.4-1.el8	*
Qtwebkit	Ubuntu	trusty	*
Qtwebkit-opensource-src	Ubuntu	bionic	*
Qtwebkit-opensource-src	Ubuntu	devel	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/bionic	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/focal	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/jammy	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/noble	*
Qtwebkit-opensource-src	Ubuntu	esm-infra/xenial	*
Qtwebkit-opensource-src	Ubuntu	focal	*
Qtwebkit-opensource-src	Ubuntu	groovy	*
Qtwebkit-opensource-src	Ubuntu	hirsute	*
Qtwebkit-opensource-src	Ubuntu	impish	*
Qtwebkit-opensource-src	Ubuntu	jammy	*
Qtwebkit-opensource-src	Ubuntu	kinetic	*
Qtwebkit-opensource-src	Ubuntu	lunar	*
Qtwebkit-opensource-src	Ubuntu	mantic	*
Qtwebkit-opensource-src	Ubuntu	noble	*
Qtwebkit-opensource-src	Ubuntu	trusty	*
Qtwebkit-opensource-src	Ubuntu	upstream	*
Qtwebkit-opensource-src	Ubuntu	xenial	*
Qtwebkit-source	Ubuntu	bionic	*
Qtwebkit-source	Ubuntu	esm-apps/bionic	*
Qtwebkit-source	Ubuntu	esm-apps/xenial	*
Qtwebkit-source	Ubuntu	trusty	*
Qtwebkit-source	Ubuntu	xenial	*
Webkit2gtk	Ubuntu	bionic	*
Webkit2gtk	Ubuntu	devel	*
Webkit2gtk	Ubuntu	esm-infra/bionic	*
Webkit2gtk	Ubuntu	esm-infra/focal	*
Webkit2gtk	Ubuntu	esm-infra/xenial	*
Webkit2gtk	Ubuntu	focal	*
Webkit2gtk	Ubuntu	groovy	*
Webkit2gtk	Ubuntu	hirsute	*
Webkit2gtk	Ubuntu	impish	*
Webkit2gtk	Ubuntu	jammy	*
Webkit2gtk	Ubuntu	kinetic	*
Webkit2gtk	Ubuntu	lunar	*
Webkit2gtk	Ubuntu	mantic	*
Webkit2gtk	Ubuntu	noble	*
Webkit2gtk	Ubuntu	xenial	*
Webkitgtk	Ubuntu	bionic	*
Webkitgtk	Ubuntu	esm-apps/bionic	*
Webkitgtk	Ubuntu	esm-apps/xenial	*
Webkitgtk	Ubuntu	trusty	*
Webkitgtk	Ubuntu	xenial	*
Wpewebkit	Ubuntu	esm-apps/focal	*
Wpewebkit	Ubuntu	focal	*
Wpewebkit	Ubuntu	trusty	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-9915
CWE	https://cwe.mitre.org/data/definitions/.html

Affected Software

References