Уязвимость выполнения произвольного кода при обработке веб-контента в iOS, iPadOS, tvOS, macOS Ventura, Safari и watchOS
Описание
Проблема решена благодаря улучшенным проверкам. Обработка веб-контента могла привести к выполнению произвольного кода.
Затронутые версии ПО
- iOS < 15.7.8
- iPadOS < 15.7.8
- iOS < 16.6
- iPadOS < 16.6
- tvOS < 16.6
- macOS Ventura < 13.5
- Safari < 16.6
- watchOS < 9.6
Тип уязвимости
Выполнение произвольного кода
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
8.8 High
CVSS3
Дефекты
Связанные уязвимости
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.
The issue was addressed with improved checks. This issue is fixed in i ...
The issue was addressed with improved checks. This issue is fixed in Safari 16.6, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6. Processing web content may lead to arbitrary code execution.
Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit операционных систем iOS, iPadOS, tvOS, macOS, watchOS, браузера Safari, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3