Apple Gets Serious about Information Disclosure in OS X 10.10.1
Page 1 of 1
Three issues fixed by the OS X 10.10.1 update are rated as being important by Apple, and all three represent potential information leakage risks.
CVE-2014-4460 is a vulnerability that could impact Apple Safari users employing the Private Browsing mode in the browser. With Private Browsing, the promise is that history and cookie information is deleted when the browsing session ends. With the CVE-2014-4460 flaw, which Apple has now patched, the Website cache may not be properly and fully cleared when a user leaves the Private Browsing mode.