CVE-2024-23263

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-23263

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

A

logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

References
Link Resource
http://seclists.org/fulldisclosure/2024/Mar/20 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/21 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/24 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/25 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/26 Mailing List
http://www.openwall.com/lists/oss-security/2024/03/26/1 Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/ Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/ Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/ Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/ Mailing List
https://support.apple.com/en-us/HT214081 Vendor Advisory
https://support.apple.com/en-us/HT214082 Vendor Advisory
https://support.apple.com/en-us/HT214084 Vendor Advisory
https://support.apple.com/en-us/HT214086 Vendor Advisory
https://support.apple.com/en-us/HT214087 Vendor Advisory
https://support.apple.com/en-us/HT214088 Vendor Advisory
https://support.apple.com/en-us/HT214089 Vendor Advisory
http://seclists.org/fulldisclosure/2024/Mar/20 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/21 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/24 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/25 Mailing List
http://seclists.org/fulldisclosure/2024/Mar/26 Mailing List
http://www.openwall.com/lists/oss-security/2024/03/26/1 Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/ Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/ Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/ Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/ Mailing List
https://support.apple.com/en-us/HT214081 Vendor Advisory
https://support.apple.com/en-us/HT214082 Vendor Advisory
https://support.apple.com/en-us/HT214084 Vendor Advisory
https://support.apple.com/en-us/HT214086 Vendor Advisory
https://support.apple.com/en-us/HT214087 Vendor Advisory
https://support.apple.com/en-us/HT214088 Vendor Advisory
https://support.apple.com/en-us/HT214089 Vendor Advisory
https://support.apple.com/kb/HT214081
https://support.apple.com/kb/HT214082
https://support.apple.com/kb/HT214084
https://support.apple.com/kb/HT214087
https://support.apple.com/kb/HT214089
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
History

04 Nov 2025, 19:16

Type Values Removed Values Added
References
  • () https://support.apple.com/kb/HT214081 -
  • () https://support.apple.com/kb/HT214082 -
  • () https://support.apple.com/kb/HT214084 -
  • () https://support.apple.com/kb/HT214087 -
  • () https://support.apple.com/kb/HT214089 -

09 Dec 2024, 14:55

Type Values Removed Values Added
References () http://seclists.org/fulldisclosure/2024/Mar/20 - () http://seclists.org/fulldisclosure/2024/Mar/20 - Mailing List
References () http://seclists.org/fulldisclosure/2024/Mar/21 - () http://seclists.org/fulldisclosure/2024/Mar/21 - Mailing List
References () http://seclists.org/fulldisclosure/2024/Mar/24 - () http://seclists.org/fulldisclosure/2024/Mar/24 - Mailing List
References () http://seclists.org/fulldisclosure/2024/Mar/25 - () http://seclists.org/fulldisclosure/2024/Mar/25 - Mailing List
References () http://seclists.org/fulldisclosure/2024/Mar/26 - () http://seclists.org/fulldisclosure/2024/Mar/26 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/03/26/1 - () http://www.openwall.com/lists/oss-security/2024/03/26/1 - Mailing List
References () https://lists.fedoraproject.org/archives/list/[email protected]/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/ - () https://lists.fedoraproject.org/archives/list/[email protected]/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/ - Mailing List
References () https://lists.fedoraproject.org/archives/list/[email protected]/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/ - () https://lists.fedoraproject.org/archives/list/[email protected]/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/ - Mailing List
References () https://lists.fedoraproject.org/archives/list/[email protected]/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/ - () https://lists.fedoraproject.org/archives/list/[email protected]/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/ - Mailing List
References () https://lists.fedoraproject.org/archives/list/[email protected]/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/ - () https://lists.fedoraproject.org/archives/list/[email protected]/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/ - Mailing List
References () https://support.apple.com/en-us/HT214081 - () https://support.apple.com/en-us/HT214081 - Vendor Advisory
References () https://support.apple.com/en-us/HT214082 - () https://support.apple.com/en-us/HT214082 - Vendor Advisory
References () https://support.apple.com/en-us/HT214084 - () https://support.apple.com/en-us/HT214084 - Vendor Advisory
References () https://support.apple.com/en-us/HT214086 - () https://support.apple.com/en-us/HT214086 - Vendor Advisory
References () https://support.apple.com/en-us/HT214087 - () https://support.apple.com/en-us/HT214087 - Vendor Advisory
References () https://support.apple.com/en-us/HT214088 - () https://support.apple.com/en-us/HT214088 - Vendor Advisory
References () https://support.apple.com/en-us/HT214089 - () https://support.apple.com/en-us/HT214089 - Vendor Advisory
First Time Webkitgtk webkitgtk
Wpewebkit wpe Webkit
Webkitgtk
Apple visionos
Apple ipados
Apple macos
Apple safari
Wpewebkit
Fedoraproject fedora
Apple tvos
Apple iphone Os
Apple
Apple watchos
Fedoraproject
CWE NVD-CWE-noinfo
CPE cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 8.1 		v2 : unknown
v3 : 6.5

21 Nov 2024, 08:57

Type Values Removed Values Added
References () http://seclists.org/fulldisclosure/2024/Mar/20 - () http://seclists.org/fulldisclosure/2024/Mar/20 -
References () http://seclists.org/fulldisclosure/2024/Mar/21 - () http://seclists.org/fulldisclosure/2024/Mar/21 -
References () http://seclists.org/fulldisclosure/2024/Mar/24 - () http://seclists.org/fulldisclosure/2024/Mar/24 -
References () http://seclists.org/fulldisclosure/2024/Mar/25 - () http://seclists.org/fulldisclosure/2024/Mar/25 -
References () http://seclists.org/fulldisclosure/2024/Mar/26 - () http://seclists.org/fulldisclosure/2024/Mar/26 -
References () http://www.openwall.com/lists/oss-security/2024/03/26/1 - () http://www.openwall.com/lists/oss-security/2024/03/26/1 -
References () https://lists.fedoraproject.org/archives/list/[email protected]/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/ - () https://lists.fedoraproject.org/archives/list/[email protected]/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/ -
References () https://lists.fedoraproject.org/archives/list/[email protected]/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/ - () https://lists.fedoraproject.org/archives/list/[email protected]/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/ -
References () https://lists.fedoraproject.org/archives/list/[email protected]/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/ - () https://lists.fedoraproject.org/archives/list/[email protected]/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/ -
References () https://lists.fedoraproject.org/archives/list/[email protected]/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/ - () https://lists.fedoraproject.org/archives/list/[email protected]/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/ -
References () https://support.apple.com/en-us/HT214081 - () https://support.apple.com/en-us/HT214081 -
References () https://support.apple.com/en-us/HT214082 - () https://support.apple.com/en-us/HT214082 -
References () https://support.apple.com/en-us/HT214084 - () https://support.apple.com/en-us/HT214084 -
References () https://support.apple.com/en-us/HT214086 - () https://support.apple.com/en-us/HT214086 -
References () https://support.apple.com/en-us/HT214087 - () https://support.apple.com/en-us/HT214087 -
References () https://support.apple.com/en-us/HT214088 - () https://support.apple.com/en-us/HT214088 -
References () https://support.apple.com/en-us/HT214089 - () https://support.apple.com/en-us/HT214089 -

03 Jul 2024, 01:47

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.1
CWE CWE-20

07 May 2024, 06:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/03/26/1 -
  • () https://lists.fedoraproject.org/archives/list/[email protected]/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/ -
Information

Published : 2024-03-08 02:15

Updated : 2025-11-04 19:16

NVD link : CVE-2024-23263

Mitre link : CVE-2024-23263

CVE.ORG link : CVE-2024-23263

JSON object : View

Products Affected

fedoraproject

apple

webkitgtk

wpewebkit

CWE
NVD-CWE-noinfo CWE-20

Improper Input Validation