Описание
A logic issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. A malicious website may be able to access script message handlers intended for other origins.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| webkit2gtk | fixed | 2.52.1-1 | package | |
| webkit2gtk | end-of-life | bookworm | package | |
| wpewebkit | fixed | 2.52.1-1 | package | |
| wpewebkit | ignored | trixie | package | |
| wpewebkit | ignored | bookworm | package | |
| wpewebkit | end-of-life | bullseye | package |
Примечания
https://webkitgtk.org/security/WSA-2026-0002.html
Связанные уязвимости
A logic issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. A malicious website may be able to access script message handlers intended for other origins.
A logic issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. A malicious website may be able to access script message handlers intended for other origins.