V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2024-27820
AST
High

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari…

CVSS
8.8
High
EPSS
0.01
p58
Published
2024-01-01
Updated
2024-01-01
Description

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.

Tags · CWE
RCEPre-auth
CWE-119
CAPEC-8
CAPEC-9
CAPEC-10
CAPEC-14
CAPEC-24
CAPEC-42
CAPEC-44
CAPEC-45
CAPEC-46
CAPEC-47
CAPEC-100
CAPEC-123
Affected products
Qtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcWebkit2gtkWebkit2gtkWebkit2gtkWebkit2gtkWebkit2gtkWebkit2gtkWebkit2gtkWebkit2gtk3Webkit2gtk3Webkit2gtk3Webkit2gtk3Webkit2gtk3Webkit2gtk3Webkit2gtk3Webkit2gtk3Webkit2gtk3Webkit2gtk3
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Timeline
2024-01-01
Published
2024-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: R
Required (R)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.010 · p58
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Debian
Webkit2gtkWpewebkit
Canonical
Qtwebkit-opensource-srcWebkit2gtkWpewebkit
Red Hat
Webkit2gtk3
Apple
MacosIphone OsIpadosTvosWatchosSafariVisionos
Группа Астра (РусБИТех)
Webkit2gtk
ProductVendorStatus
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtk3Tracked
webkit2gtk3Tracked
webkit2gtk3Tracked
webkit2gtk3Tracked
webkit2gtk3Tracked
webkit2gtk3Tracked
webkit2gtk3Tracked
webkit2gtk3Tracked
webkit2gtk3Tracked
webkit2gtk3Tracked
Showing first 20 of 34
Source databases
AST
DEB
CVE
RED
UBU
Related vulnerabilities
BDU:2024-09449