Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-40785

Опубликовано: 31 июл. 2024
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack.

Отчет

This vulnerability impacts iOS only, thus there's no supported Red Hat product affected by this flaw.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6webkitgtkNot affected
Red Hat Enterprise Linux 7webkitgtk3Not affected
Red Hat Enterprise Linux 7webkitgtk4Not affected
Red Hat Enterprise Linux 8webkit2gtk3Not affected
Red Hat Enterprise Linux 9webkit2gtk3Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=2302068webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to a cross site scripting attack

EPSS

Процентиль: 70%
0.00635
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-40785

CVSS3: 6.1
ubuntu
больше 1 года назад

This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack.

nvd логотип

CVE-2024-40785

CVSS3: 6.1
nvd
больше 1 года назад

This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack.

debian логотип

CVE-2024-40785

CVSS3: 6.1
debian
больше 1 года назад

This issue was addressed with improved checks. This issue is fixed in ...

github логотип

GHSA-6hq7-9r57-p64g

CVSS3: 6.1
github
больше 1 года назад

This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack.

suse-cvrf логотип

SUSE-SU-2024:3109-1

suse-cvrf
больше 1 года назад

Security update for webkit2gtk3

EPSS

Процентиль: 70%
0.00635
Низкий

7.5 High

CVSS3