In Safari’s WebKit, versions Safari-536.11 through Safari-610.1.16.3 are vulnerable to an infinite loop, due to an unreachable exit condition in JSCallbackObject::deleteProperty when propertyName is an index. This causes the app to consume excessive resources and eventually cause DoS.
WS-2020-0447 - High Severity Vulnerability
iOS Debugging Tool ?
Library home page: https://github.com/CocoaDebug/CocoaDebug.git
Found in HEAD commit: d388e16464e00b9ce84df0d247029f534a429b90
Found in base branch: main
In Safari’s WebKit, versions Safari-536.11 through Safari-610.1.16.3 are vulnerable to an infinite loop, due to an unreachable exit condition in JSCallbackObject::deleteProperty when propertyName is an index. This causes the app to consume excessive resources and eventually cause DoS.
Publish Date: 2020-06-11
URL: WS-2020-0447
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here.Type: Upgrade version
Release Date: 2020-06-11
Fix Resolution: Safari-610.1.17
Step up your Open Source Security Game with Mend here