Описание
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | webkitgtk | Out of support scope | ||
| Red Hat Enterprise Linux 7 | webkitgtk3 | Out of support scope | ||
| Red Hat Enterprise Linux 9 | webkit2gtk3 | Not affected | ||
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | webkitgtk4 | Fixed | RHSA-2025:10364 | 07.07.2025 |
| Red Hat Enterprise Linux 8 | webkit2gtk3 | Fixed | RHSA-2021:4381 | 09.11.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
9.3 Critical
CVSS3
Связанные уязвимости
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers.
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers.
A logic issue was addressed with improved restrictions. This issue is ...
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers.
Уязвимость модулей отображения веб-страниц WebKitGTK, WPE WebKit, связанная с недостатками процедуры аутентификации, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
EPSS
9.3 Critical
CVSS3