Описание
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
A flaw was found in WebKitGTK. Processing malicious web content may cause an out-of-bounds read due to an improper input validation, resulting in sensitive content leaking.
Отчет
The WebKitGTK package versions, as shipped with Red Hat Enterprise 8 and 9, are not affected by this vulnerability. This flaw is related to the JIT code, which is currently disabled by default on both Red Hat Enterprise Linux versions.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | webkitgtk | Out of support scope | ||
| Red Hat Enterprise Linux 7 | webkitgtk3 | Out of support scope | ||
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | webkitgtk4 | Fixed | RHSA-2025:10364 | 07.07.2025 |
| Red Hat Enterprise Linux 8 | webkit2gtk3 | Fixed | RHSA-2023:4202 | 18.07.2023 |
| Red Hat Enterprise Linux 9 | webkit2gtk3 | Fixed | RHSA-2023:4201 | 18.07.2023 |
Показывать по
Дополнительная информация
Статус:
6.8 Medium
CVSS3
Связанные уязвимости
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
An out-of-bounds read was addressed with improved input validation. Th ...
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
Уязвимость операционных систем iOS, iPadOS, macOS и браузера Safari, связанная с недостатками контроля доступа, позволяющая нарушителю раскрыть защищаемую информацию
6.8 Medium
CVSS3