8.1

CVE-2024-23263

A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleSafari Version < 17.4
AppleiPadOS Version < 16.7.6
AppleiPadOS Version >= 17.0 < 17.4
AppleiPhone OS Version < 16.7.6
AppleiPhone OS Version >= 17.0 < 17.4
ApplemacOS Version >= 14.0 < 14.4
AppletvOS Version < 17.4
ApplevisionOS Version < 1.1
ApplewatchOS Version < 10.4
WebkitgtkWebkitgtk Version < 2.44.0
WpewebkitWpe Webkit Version < 2.44.0
FedoraprojectFedora Version38
FedoraprojectFedora Version39
FedoraprojectFedora Version40
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.5% 0.708
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 2.8 5.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://seclists.org/fulldisclosure/2024/Mar/21
Mailing List
http://seclists.org/fulldisclosure/2024/Mar/24
Mailing List
http://seclists.org/fulldisclosure/2024/Mar/25
Mailing List
https://support.apple.com/kb/HT214081
https://support.apple.com/kb/HT214084
https://support.apple.com/kb/HT214082
http://www.openwall.com/lists/oss-security/2024/03/26/1
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
Mailing List
http://seclists.org/fulldisclosure/2024/Mar/26
Mailing List
https://support.apple.com/en-us/HT214081
Vendor Advisory
https://support.apple.com/en-us/HT214082
Vendor Advisory
https://support.apple.com/kb/HT214087
https://support.apple.com/en-us/HT214084
Vendor Advisory
https://support.apple.com/en-us/HT214086
Vendor Advisory
https://support.apple.com/en-us/HT214088
Vendor Advisory
https://support.apple.com/en-us/HT214087
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Mar/20
Mailing List
https://support.apple.com/en-us/HT214089
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/
Mailing List
https://support.apple.com/en-us/120881
https://support.apple.com/en-us/120882
https://support.apple.com/en-us/120883
https://support.apple.com/en-us/120893
https://support.apple.com/en-us/120895
https://support.apple.com/en-us/120894
https://support.apple.com/kb/HT214089
https://support.apple.com/en-us/120880