Search for packages
Package details: pkg:deb/debian/webkit2gtk@2.44.2-1~deb11u1
purl pkg:deb/debian/webkit2gtk@2.44.2-1~deb11u1
Next non-vulnerable version 2.48.3-1~deb12u1
Latest non-vulnerable version 2.48.5-1
Risk 10.0
Vulnerabilities affecting this package (55)
Vulnerability Summary Fixed by
VCID-2pfx-b8x4-5bbd
Aliases:
CVE-2024-44244
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may lead to an unexpected process crash.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-2zmm-ts7g-auhs
Aliases:
CVE-2025-43211
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing web content may lead to a denial-of-service.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
2.48.5-1
Affected by 0 other vulnerabilities.
VCID-4pyf-eyb2-yfcq
Aliases:
CVE-2025-24158
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-4t2u-54h2-2bes
Aliases:
CVE-2025-24209
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may lead to an unexpected process crash.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-53eh-h9e9-n3c2
Aliases:
CVE-2025-24223
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-5t19-r8ae-x3bs
Aliases:
CVE-2024-27851
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-6h6t-82n5-eycb
Aliases:
CVE-2024-40779
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-6vtn-1pj7-s3f3
Aliases:
CVE-2025-24208
A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-6zm4-vrfe-d3ee
Aliases:
CVE-2025-31278
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
2.48.5-1
Affected by 0 other vulnerabilities.
VCID-7hb1-augy-3yaw
Aliases:
CVE-2024-44309
A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-8sa4-ms9x-qbbj
Aliases:
CVE-2024-40789
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-9qdk-3u7x-zbg6
Aliases:
CVE-2024-44185
The issue was addressed with improved checks. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-aqaj-nuga-ayep
Aliases:
CVE-2024-54534
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-b4af-ehyw-3kcp
Aliases:
CVE-2025-24189
The issue was addressed with improved checks. This issue is fixed in Safari 18.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to memory corruption.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-bqqq-jbnz-gufx
Aliases:
CVE-2025-43212
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
2.48.5-1
Affected by 0 other vulnerabilities.
VCID-c7j8-9stv-vybz
Aliases:
CVE-2025-43228
The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6, Safari 18. 6. Visiting a malicious website may lead to address bar spoofing.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
2.48.5-1
Affected by 0 other vulnerabilities.
VCID-cazs-jjwq-3uh4
Aliases:
CVE-2025-24216
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-e3mt-ugqx-rudw
Aliases:
CVE-2024-40782
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-een8-44f2-ybhf
Aliases:
CVE-2025-24201
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-f1j1-6rf1-hyd7
Aliases:
CVE-2024-44192
The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to an unexpected process crash.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-f37y-e6dq-duc2
Aliases:
CVE-2025-24150
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Copying a URL from Web Inspector may lead to command injection.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-g32t-hyzv-23fh
Aliases:
CVE-2025-24162
This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-ggp7-3m8t-zqbq
Aliases:
CVE-2025-31206
A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-gj97-4uhm-aydw
Aliases:
CVE-2024-54505
A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-hcpq-m5t8-bfga
Aliases:
CVE-2025-31215
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-heb9-9d3e-a7cn
Aliases:
CVE-2025-43265
An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may disclose internal states of the app.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
2.48.5-1
Affected by 0 other vulnerabilities.
VCID-k1w3-r2w4-2ybc
Aliases:
CVE-2024-40780
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-k5ax-dz9v-q3f3
Aliases:
CVE-2024-54551
The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-kfn2-9yvt-k7av
Aliases:
CVE-2024-54543
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.2, tvOS 18.2, Safari 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing maliciously crafted web content may lead to memory corruption.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-kh8b-a2kd-5yhm
Aliases:
CVE-2024-40785
This issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to a cross site scripting attack.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-khkx-343s-bfb5
Aliases:
CVE-2024-54479
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-ksgy-zrvt-13hq
Aliases:
CVE-2025-43240
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, Safari 18. 6. A download's origin may be incorrectly associated.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
2.48.5-1
Affected by 0 other vulnerabilities.
VCID-kvdf-hbzd-5fat
Aliases:
CVE-2025-24143
The issue was addressed with improved access restrictions to the file system. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-kw77-vx9x-yubs
Aliases:
CVE-2024-27856
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, tvOS 17.5, visionOS 1.2. Processing a file may lead to unexpected app termination or arbitrary code execution.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-ntuf-rkzm-ekam
Aliases:
CVE-2024-54502
The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-nwzv-5yc9-abdr
Aliases:
CVE-2025-6558
Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
2.48.5-1
Affected by 0 other vulnerabilities.
VCID-p9x9-898h-qbfw
Aliases:
CVE-2024-54467
A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-pdxk-rjfx-xfct
Aliases:
CVE-2025-30427
A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-phgg-akm7-eyac
Aliases:
CVE-2025-24264
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-pr7k-su8x-73a9
Aliases:
CVE-2024-44308
The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-pzcq-2xr9-n7ec
Aliases:
CVE-2024-27838
The issue was addressed by adding additional logic. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-r323-w2qc-3bdh
Aliases:
CVE-2025-31205
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-spqs-yxz2-hqc5
Aliases:
CVE-2024-40794
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, Safari 17.6. Private Browsing tabs may be accessed without authentication.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-t3vb-qhya-6ybx
Aliases:
CVE-2025-31273
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to memory corruption.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
2.48.5-1
Affected by 0 other vulnerabilities.
VCID-ukah-bp2y-bkd6
Aliases:
CVE-2024-44187
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-ukfv-y47s-j3cz
Aliases:
CVE-2025-43227
This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may disclose sensitive user information.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
2.48.5-1
Affected by 0 other vulnerabilities.
VCID-un99-mchg-effd
Aliases:
CVE-2024-40866
The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-wbu7-jgfp-6fd3
Aliases:
CVE-2025-24213
This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.5, Safari 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, watchOS 11.5, visionOS 2.5. A type confusion issue could lead to memory corruption.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-x4ww-ehfv-63cq
Aliases:
CVE-2024-4558
Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-xt7n-vwqs-6kf5
Aliases:
CVE-2025-31204
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
VCID-xwp9-yhvn-qyh7
Aliases:
CVE-2025-43216
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
2.48.5-1
Affected by 0 other vulnerabilities.
VCID-xx48-ju7v-4ydx
Aliases:
CVE-2024-44296
The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-y2zq-yuds-dbdd
Aliases:
CVE-2024-54508
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
2.48.1-2~deb12u1
Affected by 26 other vulnerabilities.
VCID-yqn2-6tdd-pfce
Aliases:
CVE-2024-40776
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
2.46.1-2~bpo12+1
Affected by 33 other vulnerabilities.
VCID-z43y-5b52-yuey
Aliases:
CVE-2025-31257
This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
2.48.3-1~deb12u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (19)
Vulnerability Summary Aliases
VCID-1xyg-spum-4baf The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service. CVE-2023-42956
VCID-4svd-p9v6-sbby The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution. CVE-2024-27820
VCID-5atm-grhu-9bf1 The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfiltrate audio data cross-origin. CVE-2024-23254
VCID-82sr-v2b9-ckg5 An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2024-27833
VCID-aqxj-d8qm-zffv The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service. CVE-2023-42883
VCID-bdmp-qmfz-k3c9 An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing. CVE-2023-42843
VCID-c3ku-wm5m-nucq The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, Safari 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to a denial-of-service. CVE-2024-54658
VCID-fmsm-thfz-gkfk A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited. CVE-2024-23222
VCID-gyft-58f3-4udg A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior. CVE-2024-23271
VCID-j72p-jrp9-8yew An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user. CVE-2024-23206
VCID-khnc-r7cn-13d6 A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. CVE-2024-23284
VCID-mksj-1m6k-2yfh A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. CVE-2023-42917
VCID-qur8-hdkj-tuhy The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. CVE-2024-27834
VCID-tm7v-m1d3-tuap The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution. CVE-2024-27808
VCID-urzh-a5j6-53hn A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2023-42950
VCID-x6ef-mn8c-fbdc An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. CVE-2023-42916
VCID-zeew-y1p9-3kf5 A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. CVE-2024-23263
VCID-zshv-184r-gyay The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution. CVE-2024-23213
VCID-zwpx-cc9e-h7cn An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user. CVE-2024-23280

Date Actor Action Vulnerability Source VulnerableCode Version
2025-08-12T12:49:39.275701+00:00 Debian Importer Affected by VCID-bqqq-jbnz-gufx https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-12T12:40:24.996907+00:00 Debian Importer Affected by VCID-xwp9-yhvn-qyh7 https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-12T12:19:56.104713+00:00 Debian Importer Affected by VCID-ukfv-y47s-j3cz https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-12T12:18:57.744961+00:00 Debian Importer Affected by VCID-c7j8-9stv-vybz https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-12T12:15:08.195236+00:00 Debian Importer Affected by VCID-heb9-9d3e-a7cn https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-12T12:11:06.954342+00:00 Debian Importer Affected by VCID-2zmm-ts7g-auhs https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-12T12:10:53.442956+00:00 Debian Importer Affected by VCID-t3vb-qhya-6ybx https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-12T12:10:38.388838+00:00 Debian Importer Affected by VCID-ksgy-zrvt-13hq https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-12T12:00:07.910928+00:00 Debian Importer Affected by VCID-6zm4-vrfe-d3ee https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-12T11:44:11.029421+00:00 Debian Importer Affected by VCID-nwzv-5yc9-abdr https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-05T19:47:48.835201+00:00 Debian Oval Importer Affected by VCID-b4af-ehyw-3kcp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T20:07:45.129000+00:00 Debian Oval Importer Affected by VCID-kvdf-hbzd-5fat https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:59:56.900508+00:00 Debian Oval Importer Affected by VCID-gj97-4uhm-aydw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:55:15.556076+00:00 Debian Oval Importer Affected by VCID-pdxk-rjfx-xfct https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:43:48.979983+00:00 Debian Oval Importer Affected by VCID-kw77-vx9x-yubs https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:39:29.947652+00:00 Debian Oval Importer Affected by VCID-pr7k-su8x-73a9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:31:42.594997+00:00 Debian Oval Importer Fixing VCID-urzh-a5j6-53hn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:28:13.451448+00:00 Debian Oval Importer Fixing VCID-5atm-grhu-9bf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:22:12.738100+00:00 Debian Oval Importer Affected by VCID-wbu7-jgfp-6fd3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:14:06.236862+00:00 Debian Oval Importer Affected by VCID-9qdk-3u7x-zbg6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:03:59.391932+00:00 Debian Oval Importer Affected by VCID-k1w3-r2w4-2ybc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:53:31.974740+00:00 Debian Oval Importer Affected by VCID-xx48-ju7v-4ydx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:43:38.530778+00:00 Debian Oval Importer Affected by VCID-spqs-yxz2-hqc5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:42:39.770589+00:00 Debian Oval Importer Affected by VCID-6vtn-1pj7-s3f3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:41:39.284520+00:00 Debian Oval Importer Affected by VCID-p9x9-898h-qbfw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:25:16.588093+00:00 Debian Oval Importer Fixing VCID-bdmp-qmfz-k3c9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:24:51.674669+00:00 Debian Oval Importer Affected by VCID-4pyf-eyb2-yfcq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:05:43.453304+00:00 Debian Oval Importer Affected by VCID-f37y-e6dq-duc2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:05:18.308104+00:00 Debian Oval Importer Affected by VCID-z43y-5b52-yuey https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:05:11.570673+00:00 Debian Oval Importer Fixing VCID-j72p-jrp9-8yew https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:03:42.013021+00:00 Debian Oval Importer Affected by VCID-7hb1-augy-3yaw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:02:26.428144+00:00 Debian Oval Importer Fixing VCID-tm7v-m1d3-tuap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:00:19.969894+00:00 Debian Oval Importer Fixing VCID-khnc-r7cn-13d6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:56:57.652166+00:00 Debian Oval Importer Fixing VCID-zeew-y1p9-3kf5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:16:22.640593+00:00 Debian Oval Importer Affected by VCID-g32t-hyzv-23fh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:15:38.541323+00:00 Debian Oval Importer Affected by VCID-53eh-h9e9-n3c2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:15:36.483415+00:00 Debian Oval Importer Fixing VCID-mksj-1m6k-2yfh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:09:19.186774+00:00 Debian Oval Importer Affected by VCID-ggp7-3m8t-zqbq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:55:59.712892+00:00 Debian Oval Importer Fixing VCID-82sr-v2b9-ckg5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:38:52.189446+00:00 Debian Oval Importer Affected by VCID-ntuf-rkzm-ekam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:34:39.925117+00:00 Debian Oval Importer Affected by VCID-phgg-akm7-eyac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:29:13.628797+00:00 Debian Oval Importer Affected by VCID-een8-44f2-ybhf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:27:37.920272+00:00 Debian Oval Importer Affected by VCID-6h6t-82n5-eycb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:12:20.031774+00:00 Debian Oval Importer Affected by VCID-khkx-343s-bfb5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:07:32.981450+00:00 Debian Oval Importer Fixing VCID-x6ef-mn8c-fbdc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:02:44.525130+00:00 Debian Oval Importer Fixing VCID-aqxj-d8qm-zffv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:56:06.420663+00:00 Debian Oval Importer Affected by VCID-f1j1-6rf1-hyd7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:56:00.626905+00:00 Debian Oval Importer Fixing VCID-c3ku-wm5m-nucq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:46:27.921537+00:00 Debian Oval Importer Fixing VCID-1xyg-spum-4baf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:41:53.890000+00:00 Debian Oval Importer Affected by VCID-aqaj-nuga-ayep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:38:42.102264+00:00 Debian Oval Importer Affected by VCID-x4ww-ehfv-63cq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:31:37.757793+00:00 Debian Oval Importer Affected by VCID-2pfx-b8x4-5bbd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:27:51.706994+00:00 Debian Oval Importer Affected by VCID-pzcq-2xr9-n7ec https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:23:47.385456+00:00 Debian Oval Importer Affected by VCID-ukah-bp2y-bkd6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:11:03.129645+00:00 Debian Oval Importer Affected by VCID-8sa4-ms9x-qbbj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:10:10.282045+00:00 Debian Oval Importer Affected by VCID-kh8b-a2kd-5yhm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:59:20.158668+00:00 Debian Oval Importer Affected by VCID-kfn2-9yvt-k7av https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:58:25.764557+00:00 Debian Oval Importer Affected by VCID-k5ax-dz9v-q3f3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:45:08.495800+00:00 Debian Oval Importer Affected by VCID-hcpq-m5t8-bfga https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:37:29.942744+00:00 Debian Oval Importer Affected by VCID-e3mt-ugqx-rudw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:16:13.076108+00:00 Debian Oval Importer Affected by VCID-yqn2-6tdd-pfce https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:16:10.262152+00:00 Debian Oval Importer Fixing VCID-4svd-p9v6-sbby https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:06:19.713277+00:00 Debian Oval Importer Affected by VCID-4t2u-54h2-2bes https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:05:46.718129+00:00 Debian Oval Importer Affected by VCID-cazs-jjwq-3uh4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:59:46.008302+00:00 Debian Oval Importer Affected by VCID-xt7n-vwqs-6kf5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:58:13.070024+00:00 Debian Oval Importer Fixing VCID-fmsm-thfz-gkfk https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:49:21.965133+00:00 Debian Oval Importer Affected by VCID-5t19-r8ae-x3bs https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:48:40.212342+00:00 Debian Oval Importer Affected by VCID-un99-mchg-effd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:36:58.826136+00:00 Debian Oval Importer Fixing VCID-gyft-58f3-4udg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:31:14.660266+00:00 Debian Oval Importer Affected by VCID-y2zq-yuds-dbdd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:27:56.851216+00:00 Debian Oval Importer Fixing VCID-zwpx-cc9e-h7cn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:22:03.460585+00:00 Debian Oval Importer Fixing VCID-qur8-hdkj-tuhy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:18:42.265770+00:00 Debian Oval Importer Affected by VCID-r323-w2qc-3bdh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:05:58.147359+00:00 Debian Oval Importer Fixing VCID-zshv-184r-gyay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0