Lucene search
Ubuntu.comUB:CVE-2023-40451HistorySep 27, 2023 - 12:00 a.m.
CVE-2023-40451
2023-09-2700:00:00
ubuntu.com
ubuntu.com
9
safari 17
iframe sandbox enforcement
arbitrary code execution
javascript
webkit
webkit2gtk
0.001 Low
EPSS
Percentile
37.6%
This issue was addressed with improved iframe sandbox enforcement. This
issue is fixed in Safari 17. An attacker with JavaScript execution may be
able to execute arbitrary code.
Notes
| Author | Note |
|---|---|
| jdstrand | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8 |
| mdeslaur | It is no longer possible to build new webkit2gtk versions on focal and earlier. Marking as ignored. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | qtwebkit-opensource-src | <Â any | UNKNOWN |
| ubuntu | 20.04 | noarch | qtwebkit-opensource-src | <Â any | UNKNOWN |
| ubuntu | 22.04 | noarch | qtwebkit-opensource-src | <Â any | UNKNOWN |
| ubuntu | 23.10 | noarch | qtwebkit-opensource-src | <Â any | UNKNOWN |
| ubuntu | 24.04 | noarch | qtwebkit-opensource-src | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | qtwebkit-opensource-src | <Â any | UNKNOWN |
| ubuntu | 18.04 | noarch | qtwebkit-source | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | qtwebkit-source | <Â any | UNKNOWN |
| ubuntu | 22.04 | noarch | webkit2gtk | <Â 2.40.5-0ubuntu0.22.04.1 | UNKNOWN |
| ubuntu | 23.04 | noarch | webkit2gtk | <Â 2.40.5-0ubuntu0.23.04.1 | UNKNOWN |
Related
debiancve
debiancve
CVE-2023-40451
2023-09-27 15:19:17
prion
prion
Code injection
2023-09-27 15:19:00
cve
cve
CVE-2023-40451
2023-09-27 15:19:17
cvelist
cvelist
CVE-2023-40451
2023-09-26 20:14:38
redhatcve
redhatcve
CVE-2023-40451
2023-09-29 18:26:05
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:4978-1)
2023-12-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0002-1)
2024-01-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0004-1)
2024-01-03 00:00:00
apple
apple
About the security content of Safari 17
2023-09-26 00:00:00
nessus
nessus
GLSA-202401-33 : WebKitGTK+: Multiple Vulnerabilities
2024-01-31 00:00:00
Oracle Linux 8 : webkit2gtk3 (ELSA-2023-7055)
2023-11-21 00:00:00
Amazon Linux 2 : webkitgtk4 (ALAS-2024-2427)
2024-01-23 00:00:00
gentoo
gentoo
WebKitGTK+: Multiple Vulnerabilities
2024-01-31 00:00:00
amazon
amazon
Important: webkitgtk4
2024-01-19 01:51:00
almalinux
almalinux
Important: webkit2gtk3 security and bug fix update
2023-11-07 00:00:00
Important: webkit2gtk3 security and bug fix update
2023-11-14 00:00:00
osv
osv
Important: webkit2gtk3 security and bug fix update
2023-11-07 00:00:00
Important: webkit2gtk3 security and bug fix update
2023-11-14 00:00:00
oraclelinux
oraclelinux
webkit2gtk3 security and bug fix update
2023-11-17 00:00:00
webkit2gtk3 security and bug fix update
2023-11-11 00:00:00
redhat
redhat
(RHSA-2023:6535) Important: webkit2gtk3 security and bug fix update
2023-11-07 06:07:56
(RHSA-2023:7055) Important: webkit2gtk3 security and bug fix update
2023-11-14 08:44:13
mageia
mageia
Updated webkit2 packages fix security vulnerabilities
2024-04-26 09:47:12