Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2026-20643

Опубликовано: 17 мар. 2026
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.4

Описание

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy.

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

ignored

esm-apps/focal

ignored

esm-apps/jammy

ignored

esm-apps/noble

ignored

esm-infra-legacy/xenial

ignored

esm-infra/xenial

ignored

jammy

ignored

noble

ignored

questing

DNE

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps-legacy/xenial

ignored

esm-apps/bionic

ignored

esm-apps/xenial

ignored

jammy

DNE

noble

DNE

questing

DNE

resolute

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

pending

2.52.3-2
esm-infra-legacy/xenial

ignored

esm-infra/bionic

ignored

esm-infra/focal

ignored

esm-infra/xenial

ignored

jammy

ignored

noble

released

2.52.3-0ubuntu0.24.04.1
questing

released

2.52.3-0ubuntu0.25.10.1
resolute

released

2.52.3-0ubuntu0.26.04.2
upstream

released

2.52.1

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps-legacy/xenial

ignored

esm-apps/bionic

ignored

esm-apps/xenial

ignored

jammy

DNE

noble

DNE

questing

DNE

resolute

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

ignored

esm-apps/jammy

ignored

jammy

ignored

noble

DNE

questing

DNE

resolute

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 27%
0.00354
Низкий

5.4 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2026-20643

CVSS3: 5.4
redhat
3 месяца назад

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy.

nvd логотип

CVE-2026-20643

CVSS3: 5.4
nvd
3 месяца назад

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy.

debian логотип

CVE-2026-20643

CVSS3: 5.4
debian
3 месяца назад

A cross-origin issue in the Navigation API was addressed with improved ...

github логотип

GHSA-gvvx-mjmx-h5qh

CVSS3: 5.4
github
3 месяца назад

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2. Processing maliciously crafted web content may bypass Same Origin Policy.

fstec логотип

BDU:2026-04941

CVSS3: 8.1
fstec
3 месяца назад

Уязвимость компонента Navigation API операционных систем iOS, iPadOS, MacOS, позволяющая нарушителю обойти существующие механизмы безопасности

EPSS

Процентиль: 27%
0.00354
Низкий

5.4 Medium

CVSS3