CVE-2024-23263

A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

Affected Software

Name	Vendor	Start Version	End Version
Safari	Apple	*	17.4 (excluding)
Ipados	Apple	*	16.7.6 (excluding)
Ipados	Apple	17.0 (including)	17.4 (excluding)
Iphone_os	Apple	*	16.7.6 (excluding)
Iphone_os	Apple	17.0 (including)	17.4 (excluding)
Macos	Apple	14.0 (including)	14.4 (excluding)
Tvos	Apple	*	17.4 (excluding)
Visionos	Apple	*	1.1 (excluding)
Watchos	Apple	*	10.4 (excluding)
Red Hat Enterprise Linux 7 Extended Lifecycle Support	RedHat	webkitgtk4-0:2.48.3-2.el7_9	*
Red Hat Enterprise Linux 8	RedHat	webkit2gtk3-0:2.46.3-2.el8_10	*
Red Hat Enterprise Linux 9	RedHat	webkit2gtk3-0:2.46.1-2.el9_4	*
Qtwebkit-opensource-src	Ubuntu	devel	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/bionic	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/focal	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/jammy	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/noble	*
Qtwebkit-opensource-src	Ubuntu	esm-infra/xenial	*
Qtwebkit-opensource-src	Ubuntu	focal	*
Qtwebkit-opensource-src	Ubuntu	jammy	*
Qtwebkit-opensource-src	Ubuntu	mantic	*
Qtwebkit-opensource-src	Ubuntu	noble	*
Qtwebkit-opensource-src	Ubuntu	upstream	*
Qtwebkit-source	Ubuntu	esm-apps/bionic	*
Qtwebkit-source	Ubuntu	esm-apps/xenial	*
Webkit2gtk	Ubuntu	esm-infra/bionic	*
Webkit2gtk	Ubuntu	esm-infra/focal	*
Webkit2gtk	Ubuntu	esm-infra/xenial	*
Webkit2gtk	Ubuntu	focal	*
Webkit2gtk	Ubuntu	jammy	*
Webkit2gtk	Ubuntu	mantic	*
Webkit2gtk	Ubuntu	upstream	*
Webkitgtk	Ubuntu	esm-apps/bionic	*
Webkitgtk	Ubuntu	esm-apps/xenial	*
Wpewebkit	Ubuntu	esm-apps/focal	*
Wpewebkit	Ubuntu	esm-apps/jammy	*
Wpewebkit	Ubuntu	focal	*
Wpewebkit	Ubuntu	jammy	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-23263
CWE	https://cwe.mitre.org/data/definitions/.html

Affected Software

References