VYPR
Medium severity6.8NVD Advisory· Published Sep 25, 2016· Updated Jun 17, 2026

CVE-2016-4763

CVE-2016-4763

Description

WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • Apple Inc./iTunes2 versions
    cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*range: <=12.4.3
    • (no CPE)range: <12.5.1
  • Apple Inc./Safari2 versions
    cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <=9.1.3
    • (no CPE)range: <10
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
    Range: <=9.3.5
  • Range: <10
  • Apple Inc./iOSllm-fuzzy
    Range: <10

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.