First published: Tue Mar 05 2024(Updated: )
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user.
Credit: product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Safari | <17.4 | 17.4 |
ubuntu/webkit2gtk | <2.44.0-0ubuntu0.22.04.1 | 2.44.0-0ubuntu0.22.04.1 |
ubuntu/webkit2gtk | <2.44.0-0ubuntu0.23.10.1 | 2.44.0-0ubuntu0.23.10.1 |
ubuntu/webkit2gtk | <2.44.0 | 2.44.0 |
debian/webkit2gtk | <=2.36.4-1~deb10u1<=2.38.6-0+deb10u1<=2.42.2-1~deb11u1<=2.42.2-1~deb12u1 | 2.44.1-1~deb11u1 2.44.1-1~deb12u1 2.44.1-1 |
debian/wpewebkit | <=2.38.6-1~deb11u1<=2.38.6-1 | 2.44.1-1 |
Apple watchOS | <10.4 | 10.4 |
Apple tvOS | <17.4 | 17.4 |
Apple iOS | <17.4 | 17.4 |
Apple iPadOS | <17.4 | 17.4 |
Apple macOS Sonoma | <14.4 | 14.4 |
Apple Safari | <17.4 | |
Apple Ipad Os | <17.4 | |
Apple iPhone OS | <17.4 | |
Apple macOS | >=14.0<14.4 | |
Apple tvOS | <17.4 | |
Apple watchOS | <10.4 | |
Fedoraproject Fedora | =38 | |
Fedoraproject Fedora | =39 | |
Fedoraproject Fedora | =40 | |
WebKitGTK WebKitGTK | <2.44.0 | |
Wpewebkit Wpe Webkit | <2.44.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)