A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2020-10-27T19:53:52
Updated: 2024-08-04T21:31:37.337Z
Reserved: 2019-02-18T00:00:00
Link: CVE-2019-8834
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-10-27T20:15:20.597
Modified: 2024-11-21T04:50:34.033
Link: CVE-2019-8834
Redhat
No data.