Описание
The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.
A flaw was found in the WebGPU, part of the Webkit project. This flaw allows a remote attacker to break out of the Web Content sandbox.
Отчет
Red Hat is not aware of any exploitation of this flaw in Linux platforms at this time. This issue does not affect WebkitGTK as shipped in Red Hat Enterprise Linux 6, 7, 8 and 9, because it does not use the GPU process affected by this vulnerability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | webkitgtk | Out of support scope | ||
| Red Hat Enterprise Linux 7 | webkitgtk3 | Not affected | ||
| Red Hat Enterprise Linux 7 | webkitgtk4 | Not affected | ||
| Red Hat Enterprise Linux 8 | webkit2gtk3 | Not affected | ||
| Red Hat Enterprise Linux 9 | webkit2gtk3 | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.
The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.
The issue was addressed with improved bounds checks. This issue is fix ...
The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited.
Уязвимость модуля отображения веб-страниц WebKit операционных систем iOS, iPadOS, watchOS, tvOS, браузера Safari, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3