14 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-23280
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS...
Amazon Linux 2 : webkitgtk4 (ALAS-2024-2577)
The version of webkitgtk4 installed on the remote host is prior to 2.42.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2577 advisory. An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS...
Fedora: Security Advisory (FEDORA-2024-a1246372a4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1293-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1270-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1269-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : webkit2gtk4.0 (2024-a1246372a4)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a1246372a4 advisory. Update to 2.44.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...
Fedora 40 : webkitgtk (2024-7ee03010c5)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-7ee03010c5 advisory. Update to 2.44.0 CVE-2024-23263, CVE-2024-23280, CVE-2024-23284 Tenable has extracted the preceding description block directly from the Fedora...
SUSE SLED12: libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc (SUSE-SU-2024:1293-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1293-1 advisory. webkit2gtk3 was updated to fix the following issues: Update to version 2.44.0 boo1222010: - CVE-2024-23252:...
SUSE SLED15: WebKitGTK-4.0-lang / WebKitGTK-4.1-lang / WebKitGTK-6.0-lang / etc (SUSE-SU-2024:1270-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1270-1 advisory. - CVE-2024-23252: Fixed denial of service via crafted web content bsc1222010. - CVE-2024-23254:...
Fedora 38 : webkitgtk (2024-f1ae7b7ac5)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f1ae7b7ac5 advisory. Upgrade to 2.44.0: Make the DOM accessibility tree reachable from UI process with GTK4. Removed the X11 and WPE renderers in favor of DMA-BUF...
Fedora 39 : webkitgtk (2024-ee43b83290)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ee43b83290 advisory. Upgrade to 2.44.0: Make the DOM accessibility tree reachable from UI process with GTK4. Removed the X11 and WPE renderers in favor of DMA-BUF...
UBUNTU-CVE-2024-23280
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprint the user...
CVE-2024-23280
The CVE-2024-23280 entry concerns an injection issue in WebKitGTK/WebKit2GTK where maliciously crafted web content could fingerprint a user. The core detail from connected sources shows the vulnerability affects WebKitGTK/WebKit2GTK components used in Linux/macOS ecosystems, with the underlying c...