Unrated severityNVD Advisory· Published Sep 18, 2014· Updated Jun 17, 2026
CVE-2014-4363
CVE-2014-4363
Description
Safari in Apple iOS before 8 does not properly restrict the autofilling of passwords in forms, which allows remote attackers to obtain sensitive information via (1) an http web site, (2) an https web site with an unacceptable X.509 certificate, or (3) an IFRAME element.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: >=6.0,<=6.1.5
- (no CPE)range: < 8
- Range: < 8
Patches
Vulnerability mechanics
References
8- archives.neohapsis.com/archives/bugtraq/2014-09/0106.htmlnvdThird Party Advisory
- secunia.com/advisories/61306nvdThird Party Advisory
- support.apple.com/kb/HT6440nvdVendor Advisory
- support.apple.com/kb/HT6441nvdVendor Advisory
- www.securityfocus.com/bid/69882nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/69909nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1030866nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/96075nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.