A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
History

Mon, 09 Dec 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipados
Apple iphone Os
Apple macos
Apple safari
Apple tvos
Apple visionos
Apple watchos
Fedoraproject
Fedoraproject fedora
Webkitgtk
Webkitgtk webkitgtk
Wpewebkit
Wpewebkit wpe Webkit
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipados
Apple iphone Os
Apple macos
Apple safari
Apple tvos
Apple visionos
Apple watchos
Fedoraproject
Fedoraproject fedora
Webkitgtk
Webkitgtk webkitgtk
Wpewebkit
Wpewebkit wpe Webkit
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N'}

cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-03-08T01:36:19.295Z

Updated: 2024-08-01T22:59:32.071Z

Reserved: 2024-01-12T22:22:21.490Z

Link: CVE-2024-23263

cve-icon Vulnrichment

Updated: 2024-08-01T22:59:32.071Z

cve-icon NVD

Status : Analyzed

Published: 2024-03-08T02:15:48.980

Modified: 2024-12-09T14:55:47.257

Link: CVE-2024-23263

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-03-07T00:00:00Z

Links: CVE-2024-23263 - Bugzilla