14 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-23263
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma...
Fedora: Security Advisory (FEDORA-2024-a1246372a4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : webkit2gtk4.0 (2024-a1246372a4)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a1246372a4 advisory. Update to 2.44.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...
SUSE: Security Advisory (SUSE-SU-2024:1269-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1270-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1293-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : webkitgtk (2024-7ee03010c5)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-7ee03010c5 advisory. Update to 2.44.0 CVE-2024-23263, CVE-2024-23280, CVE-2024-23284 Tenable has extracted the preceding description block directly from the Fedora...
Amazon Linux 2 : webkitgtk4 (ALAS-2024-2516)
The version of webkitgtk4 installed on the remote host is prior to 2.42.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2516 advisory. The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2,...
SUSE SLED12: libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc (SUSE-SU-2024:1293-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1293-1 advisory. webkit2gtk3 was updated to fix the following issues: Update to version 2.44.0 boo1222010: - CVE-2024-23252:...
SUSE SLED15: WebKitGTK-4.0-lang / WebKitGTK-4.1-lang / WebKitGTK-6.0-lang / etc (SUSE-SU-2024:1270-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1270-1 advisory. - CVE-2024-23252: Fixed denial of service via crafted web content bsc1222010. - CVE-2024-23254:...
Fedora 38 : webkitgtk (2024-f1ae7b7ac5)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f1ae7b7ac5 advisory. Upgrade to 2.44.0: Make the DOM accessibility tree reachable from UI process with GTK4. Removed the X11 and WPE renderers in favor of DMA-BUF...
Fedora 39 : webkitgtk (2024-ee43b83290)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ee43b83290 advisory. Upgrade to 2.44.0: Make the DOM accessibility tree reachable from UI process with GTK4. Removed the X11 and WPE renderers in favor of DMA-BUF...
CVE-2024-23263
A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from being...
CVE-2024-23263
CVE-2024-23263 is a WebKitGTK/WebKitGTK4 vulnerability observed in multiple Linux package advisories (webkit2gtk, webkitgtk4) and Debian Fedora Amazon Linux updates. The issue arises from processing maliciously crafted web content that may prevent Content Security Policy from being enforced. Conn...