redhatcve / Redhat.com / RH:CVE-2024-40782
History: Jul 31, 2024 - 4:06 p.m.

CVE-2024-40782

2024-07-31 16:06:51
redhat.com
access.redhat.com
Tags: memory management, ios 16.7.9, ipados 16.7.9, safari 17.6, watchos 10.6, tvos 17.6, visionos 1.3, macos sonoma 14.6, unexpected process crash

CVSS3: 9.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 9.1
Confidence: High

A flaw was found in WebKitGTK. Processing malicious web content can trigger a use-after-free issue due to improper bounds checking, causing an unexpected process crash, resulting in a denial of service.

Mitigation

Do not process or load untrusted web content with WebKitGTK.
