CVE-2015-3754 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-3754 Interim 1 6 2023-12-08T02:12:54Z current 2021-05-30T13:30:10Z 2023-12-08T02:12:54Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-3754 The private-browsing implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8 does not prevent caching of HTTP authentication credentials, which makes it easier for remote attackers to track users via a crafted web site. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings The private-browsing implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8 does not prevent caching of HTTP authentication credentials, which makes it easier for remote attackers to track users via a crafted web site. CVE-2015-3754 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N