Lucene search

Redhat.comRH:CVE-2024-27838

HistorySep 25, 2024 - 4:10 p.m.

CVE-2024-27838

2024-09-2516:10:55

redhat.com

access.redhat.com

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

6.4

Confidence

Low

JSON

A flaw was found in WebKit. This vulnerability allows a maliciously crafted webpage to fingerprint the user.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

References

bugzilla.redhat.com/show_bug.cgi?id=2314702

nvd.nist.gov/vuln/detail/CVE-2024-27838

webkitgtk.org/security/WSA-2024-0005.html

www.cve.org/CVERecord?id=CVE-2024-27838

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

6.4

Confidence

Low

JSON

Related for RH:CVE-2024-27838