webkit2gtk3-jsc (AlmaLinux:8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package webkit2gtk3-jsc, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2023-40414 — CVSS 9.8 (critical): A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17…
CVE-2023-40397 — CVSS 9.8 (critical): The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary…
CVE-2025-43343 — CVSS 9.8 (critical): The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26…
CVE-2025-43342 — CVSS 9.8 (critical): A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26…
CVE-2024-4558 — CVSS 9.6 (critical): Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-13558 — CVSS 8.8 (high): A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web…
CVE-2020-24870 — CVSS 8.8 (high): Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.
CVE-2021-1788 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001…
CVE-2021-1844 — CVSS 8.8 (high): A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v…
CVE-2021-21779 — CVSS 8.8 (high): A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted…
CVE-2021-21806 — CVSS 8.8 (high): An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a…
CVE-2021-30734 — CVSS 8.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6…
CVE-2021-30749 — CVSS 8.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6…
CVE-2021-30758 — CVSS 8.8 (high): A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5…
CVE-2021-30795 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5…
CVE-2021-30797 — CVSS 8.8 (high): This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7…
CVE-2021-30799 — CVSS 8.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5…
CVE-2021-30809 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and…
CVE-2021-30818 — CVSS 8.8 (high): A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and…
CVE-2021-30851 — CVSS 8.8 (high): A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and…
CVE-2021-30889 — CVSS 8.8 (high): A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS…
CVE-2021-30934 — CVSS 8.8 (high): A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2…
CVE-2021-30936 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2…
CVE-2021-30951 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2…
CVE-2021-30953 — CVSS 8.8 (high): An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS…
CVE-2022-22590 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS…
CVE-2022-22624 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4…
CVE-2022-22628 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5…
CVE-2022-22629 — CVSS 8.8 (high): A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5…
CVE-2022-22637 — CVSS 8.8 (high): A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4…
CVE-2022-26700 — CVSS 8.8 (high): A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS…
CVE-2022-26709 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS…
CVE-2022-26710 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4…
CVE-2022-26716 — CVSS 8.8 (high): A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS…
CVE-2022-26717 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS…
CVE-2022-26719 — CVSS 8.8 (high): A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS…
CVE-2022-32885 — CVSS 8.8 (high): A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5…
CVE-2022-32886 — CVSS 8.8 (high): A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7…
CVE-2022-32888 — CVSS 8.8 (high): An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS…
CVE-2022-42823 — CVSS 8.8 (high): A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari…
CVE-2022-42826 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16…
CVE-2022-42863 — CVSS 8.8 (high): A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1…
CVE-2022-42867 — CVSS 8.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1…
CVE-2022-46691 — CVSS 8.8 (high): A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1…
CVE-2022-46699 — CVSS 8.8 (high): A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1…
CVE-2022-46700 — CVSS 8.8 (high): A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1…
CVE-2023-2203 — CVSS 8.8 (high): A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows…
CVE-2023-23517 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS…
CVE-2023-23518 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS…
CVE-2023-25358 — CVSS 8.8 (high): A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
CVE-2023-25360 — CVSS 8.8 (high): A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
CVE-2023-25361 — CVSS 8.8 (high): A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely.
CVE-2023-25362 — CVSS 8.8 (high): A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute…
CVE-2023-25363 — CVSS 8.8 (high): A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to…
CVE-2023-28198 — CVSS 8.8 (high): A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3…
CVE-2023-32393 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and…
CVE-2023-38592 — CVSS 8.8 (high): A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS…
CVE-2023-38594 — CVSS 8.8 (high): The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6…
CVE-2023-38595 — CVSS 8.8 (high): The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6…
CVE-2023-38597 — CVSS 8.8 (high): The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura…
CVE-2023-38600 — CVSS 8.8 (high): The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6…
CVE-2023-38611 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5…
CVE-2023-39434 — CVSS 8.8 (high): A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma…
CVE-2023-39928 — CVSS 8.8 (high): A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this…
CVE-2023-40451 — CVSS 8.8 (high): This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution…
CVE-2023-42852 — CVSS 8.8 (high): A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS…
CVE-2023-42890 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and…
CVE-2024-23213 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and…
CVE-2024-27820 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and…
CVE-2024-27851 — CVSS 8.8 (high): The issue was addressed with improved bounds checks. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS…
CVE-2024-54505 — CVSS 8.8 (high): A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS…
CVE-2024-54543 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS…
CVE-2025-24150 — CVSS 8.8 (high): A privacy issue was addressed with improved handling of files. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia…
CVE-2025-31273 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6…
CVE-2025-31278 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS…
CVE-2025-43419 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26…
CVE-2025-43431 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and…
CVE-2025-66287 — CVSS 8.8 (high): A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.
CVE-2026-28847 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and…
CVE-2026-28947 — CVSS 8.8 (high): A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS…
CVE-2026-28955 — CVSS 8.8 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and…
CVE-2025-43480 — CVSS 8.1 (high): The issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1…
CVE-2026-28907 — CVSS 8.1 (high): The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and…
CVE-2021-21775 — CVSS 8.0 (high): A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A…
CVE-2020-27918 — CVSS 7.8 (high): A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2…
CVE-2021-30849 — CVSS 7.8 (high): Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8…
CVE-2021-30846 — CVSS 7.8 (high): A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15…
CVE-2021-30954 — CVSS 7.8 (high): A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS…
CVE-2021-30848 — CVSS 7.8 (high): A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15…
CVE-2024-54508 — CVSS 7.5 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS…
CVE-2024-54479 — CVSS 7.5 (high): The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia…
CVE-2026-20652 — CVSS 7.5 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and…
CVE-2025-43227 — CVSS 7.5 (high): This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia…
CVE-2026-28953 — CVSS 7.5 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and…
CVE-2026-43658 — CVSS 7.5 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS…
CVE-2023-38572 — CVSS 7.5 (high): The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6…
CVE-2026-28883 — CVSS 7.5 (high): A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS…
CVE-2021-30984 — CVSS 7.5 (high): A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2…
CVE-2026-28904 — CVSS 7.5 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and…
CVE-2023-32359 — CVSS 7.5 (high): This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2. A user's…
CVE-2025-13502 — CVSS 7.5 (high): A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess…
CVE-2022-30293 — CVSS 7.5 (high): In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in…
CVE-2024-54551 — CVSS 7.5 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6…
CVE-2026-43660 — CVSS 7.5 (high): A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS…
CVE-2026-28905 — CVSS 7.5 (high): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS…
CVE-2021-30888 — CVSS 7.4 (high): An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS…
CVE-2025-13947 — CVSS 7.4 (high): A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is…
CVE-2014-1745 — CVSS 7.1 (high): Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to…
CVE-2025-24209 — CVSS 7.0 (high): A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS…
CVE-2024-27838 — CVSS 6.5 (medium): The issue was addressed by adding additional logic. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS…
CVE-2023-38133 — CVSS 6.5 (medium): The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6…
CVE-2026-20636 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3…
CVE-2023-38599 — CVSS 6.5 (medium): A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8…
CVE-2026-20644 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and…
CVE-2026-20665 — CVSS 6.5 (medium): This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and…
CVE-2021-1801 — CVSS 6.5 (medium): This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001…
CVE-2021-1799 — CVSS 6.5 (medium): A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001…
CVE-2023-41983 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2…
CVE-2026-28857 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4…
CVE-2024-23206 — CVSS 6.5 (medium): An access issue was addressed with improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3…
CVE-2024-23271 — CVSS 6.5 (medium): A logic issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS…
CVE-2023-27954 — CVSS 6.5 (medium): The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4…
CVE-2024-40782 — CVSS 6.5 (medium): A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS…
CVE-2024-40789 — CVSS 6.5 (medium): An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS…
CVE-2024-40866 — CVSS 6.5 (medium): The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to…
CVE-2024-44187 — CVSS 6.5 (medium): A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in…
CVE-2021-1765 — CVSS 6.5 (medium): This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001…
CVE-2024-54467 — CVSS 6.5 (medium): A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS…
CVE-2024-54502 — CVSS 6.5 (medium): The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia…
CVE-2026-28902 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS…
CVE-2026-28903 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and…
CVE-2025-24143 — CVSS 6.5 (medium): The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3…
CVE-2025-24158 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3…
CVE-2025-24162 — CVSS 6.5 (medium): This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia…
CVE-2021-30823 — CVSS 6.5 (medium): A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15…
CVE-2021-30887 — CVSS 6.5 (medium): A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS…
CVE-2021-30897 — CVSS 6.5 (medium): An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was…
CVE-2025-31205 — CVSS 6.5 (medium): The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5…
CVE-2021-45481 — CVSS 6.5 (medium): In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a…
CVE-2021-45482 — CVSS 6.5 (medium): In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.
CVE-2021-45483 — CVSS 6.5 (medium): In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
CVE-2022-22592 — CVSS 6.5 (medium): A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari…
CVE-2022-22594 — CVSS 6.5 (medium): A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3…
CVE-2025-43212 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6…
CVE-2025-43213 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6…
CVE-2025-43214 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6…
CVE-2025-43216 — CVSS 6.5 (medium): A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS…
CVE-2022-22662 — CVSS 6.5 (medium): A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big…
CVE-2025-43272 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, visionOS 26…
CVE-2025-43356 — CVSS 6.5 (medium): The issue was addressed with improved handling of caches. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26…
CVE-2026-28942 — CVSS 6.5 (medium): A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS…
CVE-2022-32923 — CVSS 6.5 (medium): A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS…
CVE-2022-42852 — CVSS 6.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and…
CVE-2026-28946 — CVSS 6.5 (medium): A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing…
CVE-2022-46698 — CVSS 6.5 (medium): A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura…
CVE-2025-43440 — CVSS 6.5 (medium): This issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1…
CVE-2025-43457 — CVSS 6.5 (medium): A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS…
CVE-2025-43511 — CVSS 6.5 (medium): A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.2 and iPadOS 18.7.2, iOS…
CVE-2025-43240 — CVSS 6.2 (medium): A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. A download's origin may be…
CVE-2025-43211 — CVSS 6.2 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS…
CVE-2022-22589 — CVSS 6.1 (medium): A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3…
CVE-2021-30744 — CVSS 6.1 (medium): Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in…
CVE-2022-42799 — CVSS 6.1 (medium): The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1…
CVE-2021-30890 — CVSS 6.1 (medium): A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS…
CVE-2021-30689 — CVSS 6.1 (medium): A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1…
CVE-2025-24208 — CVSS 6.1 (medium): A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a…
CVE-2020-36241 — CVSS 5.5 (medium): autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal…
CVE-2023-27932 — CVSS 5.5 (medium): This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4…
CVE-2021-30836 — CVSS 5.5 (medium): An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8…
CVE-2022-42824 — CVSS 5.5 (medium): A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1…
CVE-2023-42883 — CVSS 5.5 (medium): The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2…
CVE-2026-20608 — CVSS 5.5 (medium): This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and…
CVE-2021-28650 — CVSS 5.5 (medium): autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal…
CVE-2024-44192 — CVSS 5.5 (medium): The issue was addressed with improved checks. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS…
CVE-2024-44185 — CVSS 5.5 (medium): The issue was addressed with improved checks. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6…
CVE-2021-30682 — CVSS 5.5 (medium): A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS…
CVE-2024-40780 — CVSS 5.5 (medium): An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS…
CVE-2024-40779 — CVSS 5.5 (medium): An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS…
CVE-2022-46692 — CVSS 5.5 (medium): A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS…