Medium severity6.5NVD Advisory· Published Mar 8, 2024· Updated Apr 2, 2026
CVE-2024-23280
CVE-2024-23280
Description
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprint the user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
52cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <17.4
- (no CPE)range: <17.4
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
- Range: <14.4
- Range: <17.4
- osv-coords38 versionspkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
< 2.44.0-150400.4.78.1+ 37 more
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-4.3.2
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-4.3.2
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150200.107.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-4.3.2
- (no CPE)range: < 2.44.0-4.3.2
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.2-150600.12.3.1
- (no CPE)range: < 2.44.0-150400.4.78.1
- (no CPE)range: < 2.44.0-150400.4.78.1
Patches
Vulnerability mechanics
References
23- support.apple.com/en-us/HT214081nvdVendor Advisory
- support.apple.com/en-us/HT214084nvdVendor Advisory
- support.apple.com/en-us/HT214086nvdVendor Advisory
- support.apple.com/en-us/HT214088nvdVendor Advisory
- support.apple.com/en-us/HT214089nvdVendor Advisory
- seclists.org/fulldisclosure/2024/Mar/20nvdMailing List
- seclists.org/fulldisclosure/2024/Mar/21nvdMailing List
- seclists.org/fulldisclosure/2024/Mar/24nvdMailing List
- seclists.org/fulldisclosure/2024/Mar/25nvdMailing List
- www.openwall.com/lists/oss-security/2024/03/26/1nvdMailing List
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/nvdMailing List
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/nvdMailing List
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/nvdMailing List
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/nvdMailing List
- support.apple.com/en-us/120881nvd
- support.apple.com/en-us/120882nvd
- support.apple.com/en-us/120893nvd
- support.apple.com/en-us/120894nvd
- support.apple.com/en-us/120895nvd
- support.apple.com/kb/HT214081nvd
- support.apple.com/kb/HT214084nvd
- support.apple.com/kb/HT214086nvd
- support.apple.com/kb/HT214089nvd
News mentions
0No linked articles in our index yet.