Unrated severityNVD Advisory· Published Mar 5, 2019· Updated Aug 4, 2024

CVE-2019-6229

Description

A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting.

Affected products

osv-coords19 versions
pkg:rpm/opensuse/gtk3&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.0 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%204 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%207
< 2.32.4-1.1+ 18 more
- (no CPE)range: < 2.32.4-1.1
- (no CPE)range: < 2.22.6-lp150.2.12.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-3.18.2
- (no CPE)range: < 2.22.6-3.18.2
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
Apple Inc./tvOSv5
Range: unspecified
Apple Inc./Safariv5
Range: unspecified
Apple/iCloud for Windowsv5
Range: unspecified
Apple Inc./iOScpe-rescue
Range: unspecified
Apple/iTunes for Windowsv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.gentoo.org/glsa/201903-12mitrevendor-advisoryx_refsource_GENTOO
www.securityfocus.com/bid/106691mitrevdb-entryx_refsource_BID
support.apple.com/HT209443mitrex_refsource_CONFIRM
support.apple.com/HT209447mitrex_refsource_CONFIRM
support.apple.com/HT209449mitrex_refsource_CONFIRM
support.apple.com/HT209450mitrex_refsource_CONFIRM
support.apple.com/HT209451mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000