Описание
The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.
A flaw was found in WebKit. This flaw allows a remote attacker to conduct spoofing attacks by exploiting an inconsistent user interface issue. The attacker could perform address bar spoofing by tricking a victim into visiting a specially crafted website.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | webkitgtk3 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | webkitgtk4 | Out of support scope | ||
| Red Hat Enterprise Linux 8 | webkit2gtk3 | Fixed | RHSA-2024:9636 | 14.11.2024 |
| Red Hat Enterprise Linux 9 | webkit2gtk3 | Fixed | RHSA-2024:8180 | 16.10.2024 |
| Red Hat Enterprise Linux 9 | webkit2gtk3 | Fixed | RHSA-2024:9553 | 13.11.2024 |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS3
Связанные уязвимости
The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.
The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.
The issue was addressed with improved UI. This issue is fixed in Safar ...
The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.
Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с ложным представлением критической информации пользовательским интерфейсом, позволяющая нарушителю оказать воздействие на целостность данных
6.5 Medium
CVSS3