First published: Mon Jan 22 2024(Updated: )
A type confusion issue was addressed with improved checks. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited. Reference: <a href="https://webkitgtk.org/security/WSA-2024-0001.html">https://webkitgtk.org/security/WSA-2024-0001.html</a>
Credit: product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone | ||
Apple visionOS | <1.0.2 | 1.0.2 |
debian/webkit2gtk | <=2.36.4-1~deb10u1<=2.38.6-0+deb10u1<=2.42.2-1~deb11u1<=2.42.2-1~deb12u1 | 2.42.5-1~deb11u1 2.42.5-1~deb12u1 2.42.5-1 2.44.1-1 |
debian/wpewebkit | <=2.38.6-1~deb11u1<=2.38.6-1 | 2.42.5-1 2.44.1-1 |
ubuntu/webkit2gtk | <2.42.5-0ubuntu0.22.04.2 | 2.42.5-0ubuntu0.22.04.2 |
ubuntu/webkit2gtk | <2.42.5-0ubuntu0.23.10.2 | 2.42.5-0ubuntu0.23.10.2 |
ubuntu/webkit2gtk | <2.42.5 | 2.42.5 |
Apple macOS Ventura | <13.6.4 | 13.6.4 |
Apple macOS Monterey | <12.7.3 | 12.7.3 |
Apple iOS | <16.7.5 | 16.7.5 |
Apple iPadOS | <16.7.5 | 16.7.5 |
Apple tvOS | <17.3 | 17.3 |
Apple macOS Sonoma | <14.3 | 14.3 |
Apple iOS | <17.3 | 17.3 |
Apple iPadOS | <17.3 | 17.3 |
Apple Safari | <17.3 | 17.3 |
Apple Multiple Products | ||
Apple iPadOS | <16.7.5 | |
Apple iPadOS | >=17.0<17.3 | |
Apple iPhone OS | <16.7.5 | |
Apple iPhone OS | >=17.0<17.3 | |
Apple macOS | <12.7.3 | |
Apple macOS | >=13.0<13.6.4 | |
Apple macOS | >=14.0<14.3 | |
Apple tvOS | <17.3 | |
<16.7.5 | ||
>=17.0<17.3 | ||
<16.7.5 | ||
>=17.0<17.3 | ||
<12.7.3 | ||
>=13.0<13.6.4 | ||
>=14.0<14.3 | ||
<17.3 |
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)