Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-40857HistorySep 17, 2024 - 12:15 a.m.
CVE-2024-40857
2024-09-1700:15:49
Debian Security Bug Tracker
security-tracker.debian.org
apple
state management
cross-site scripting
safari
visionos
watchos
macos sequoia
ios
ipados
tvos
web content vulnerability
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
5.6
Confidence
High
This issue was addressed through improved state management. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to universal cross site scripting.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | webkit2gtk | <= 2.44.2-1~deb12u1 | webkit2gtk_2.44.2-1~deb12u1_all.deb |
| Debian | 11 | all | webkit2gtk | <= 2.44.2-1~deb11u1 | webkit2gtk_2.44.2-1~deb11u1_all.deb |
| Debian | 999 | all | webkit2gtk | < 2.46.0-1 | webkit2gtk_2.46.0-1_all.deb |
| Debian | 13 | all | webkit2gtk | < 2.46.0-1 | webkit2gtk_2.46.0-1_all.deb |
| Debian | 12 | all | wpewebkit | <= 2.38.6-1 | wpewebkit_2.38.6-1_all.deb |
| Debian | 11 | all | wpewebkit | <= 2.38.6-1~deb11u1 | wpewebkit_2.38.6-1~deb11u1_all.deb |
| Debian | 999 | all | wpewebkit | <= 2.44.4-1 | wpewebkit_2.44.4-1_all.deb |
| Debian | 13 | all | wpewebkit | <= 2.44.4-1 | wpewebkit_2.44.4-1_all.deb |
Related
nvd
nvd
CVE-2024-40857
2024-09-17 00:15:49
cvelist
cvelist
CVE-2024-40857
2024-09-16 23:22:32
cve
cve
CVE-2024-40857
2024-09-17 00:15:49
vulnrichment
vulnrichment
CVE-2024-40857
2024-09-16 23:22:32
osv
osv
CVE-2024-40857
2024-09-17 00:15:49
openvas
openvas
Apple Safari Security Update (HT121241)
2024-09-20 00:00:00
nessus
nessus
Apple TV < 18 Multiple Vulnerabilities (121248)
2024-09-24 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
5.6
Confidence
High
Related for DEBIANCVE:CVE-2024-40857