Total vulnerabilities in the database
The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header within a response to an HTTP CONNECT request, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response.
| Software | From | Fixed in |
|---|---|---|
| apple / mac_os_x | - | 10.10.5.x |
| apple / iphone_os | - | 8.4.1.x |
| apple / watchos | 1.0 | 1.0.x |