Search for vulnerabilities
Vulnerability details: VCID-f542-tzu8-aaan
Vulnerability ID VCID-f542-tzu8-aaan
Aliases CVE-2024-23263
Summary A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23263.json
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00070 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00070 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00070 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00070 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.00395 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.01865 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
epss 0.02412 https://api.first.org/data/v1/epss?cve=CVE-2024-23263
cvssv3.1 5.9 http://seclists.org/fulldisclosure/2024/Mar/21
generic_textual MODERATE http://seclists.org/fulldisclosure/2024/Mar/21
cvssv3.1 6.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2024-23263
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2024-23263
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23263.json
https://api.first.org/data/v1/epss?cve=CVE-2024-23263
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23252
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23263
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23280
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23284
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54658
http://seclists.org/fulldisclosure/2024/Mar/20
http://seclists.org/fulldisclosure/2024/Mar/21
http://seclists.org/fulldisclosure/2024/Mar/24
http://seclists.org/fulldisclosure/2024/Mar/25
http://seclists.org/fulldisclosure/2024/Mar/26
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AO4BNNL5X2LQBJ6WX7VT4SGMA6R7DUU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BAIPBVDQV3GHMSNSZNEJCRZEPM7BEYGF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXORDRCSQAQU436W4S2Z3X5B5PDXL3LI/
https://support.apple.com/en-us/HT214081
https://support.apple.com/en-us/HT214082
https://support.apple.com/en-us/HT214084
https://support.apple.com/en-us/HT214086
https://support.apple.com/en-us/HT214087
https://support.apple.com/en-us/HT214088
https://support.apple.com/en-us/HT214089
http://www.openwall.com/lists/oss-security/2024/03/26/1
2270290 https://bugzilla.redhat.com/show_bug.cgi?id=2270290
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
CVE-2024-23263 https://nvd.nist.gov/vuln/detail/CVE-2024-23263
GLSA-202407-13 https://security.gentoo.org/glsa/202407-13
RHSA-2024:10481 https://access.redhat.com/errata/RHSA-2024:10481
RHSA-2024:8180 https://access.redhat.com/errata/RHSA-2024:8180
USN-6732-1 https://usn.ubuntu.com/6732-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23263.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://seclists.org/fulldisclosure/2024/Mar/21
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-23263
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-23263
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.18115
EPSS Score 0.00046
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-04-23T17:18:34.913419+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2024-23263 34.0.0rc4