rpm package
opensuse/webkit2gtk3-soup2&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.6
Vulnerabilities (129)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-23284 | Med | 6.5 | < 2.44.2-150600.12.3.1 | 2.44.2-150600.12.3.1 | Mar 8, 2024 | A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Securit | |
| CVE-2024-23280 | Med | 6.5 | < 2.44.2-150600.12.3.1 | 2.44.2-150600.12.3.1 | Mar 8, 2024 | An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprint the user. | |
| CVE-2024-23263 | Med | 6.5 | < 2.44.2-150600.12.3.1 | 2.44.2-150600.12.3.1 | Mar 8, 2024 | A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Poli | |
| CVE-2024-23254 | Med | 6.5 | < 2.44.2-150600.12.3.1 | 2.44.2-150600.12.3.1 | Mar 8, 2024 | The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin. | |
| CVE-2024-23226 | Hig | 8.8 | < 2.48.2-150600.12.40.2 | 2.48.2-150600.12.40.2 | Mar 8, 2024 | The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution. | |
| CVE-2023-42843 | — | < 2.44.2-150600.12.3.1 | 2.44.2-150600.12.3.1 | Feb 21, 2024 | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing. | ||
| CVE-2024-23222 | Hig | 8.8 | KEV | < 2.46.0-150600.12.12.1 | 2.46.0-150600.12.12.1 | Jan 23, 2024 | A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, visionOS 1.0.2. Processi |
| CVE-2024-23213 | Hig | 8.8 | < 2.46.0-150600.12.12.1 | 2.46.0-150600.12.12.1 | Jan 23, 2024 | The issue was addressed with improved memory handling. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. Processing web content may lead to arbitrary code execution. | |
| CVE-2024-23206 | Med | 6.5 | < 2.46.0-150600.12.12.1 | 2.46.0-150600.12.12.1 | Jan 23, 2024 | An access issue was addressed with improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. A maliciously crafted webpage may be able to fingerprint the user. |
- affected < 2.44.2-150600.12.3.1fixed 2.44.2-150600.12.3.1
A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Securit
- affected < 2.44.2-150600.12.3.1fixed 2.44.2-150600.12.3.1
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprint the user.
- affected < 2.44.2-150600.12.3.1fixed 2.44.2-150600.12.3.1
A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Poli
- affected < 2.44.2-150600.12.3.1fixed 2.44.2-150600.12.3.1
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin.
- affected < 2.48.2-150600.12.40.2fixed 2.48.2-150600.12.40.2
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution.
- CVE-2023-42843Feb 21, 2024affected < 2.44.2-150600.12.3.1fixed 2.44.2-150600.12.3.1
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing.
- affected < 2.46.0-150600.12.12.1fixed 2.46.0-150600.12.12.1
A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, visionOS 1.0.2. Processi
- affected < 2.46.0-150600.12.12.1fixed 2.46.0-150600.12.12.1
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. Processing web content may lead to arbitrary code execution.
- affected < 2.46.0-150600.12.12.1fixed 2.46.0-150600.12.12.1
An access issue was addressed with improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. A maliciously crafted webpage may be able to fingerprint the user.
Page 7 of 7