CVE-2023-27954
Summary
| CVE | CVE-2023-27954 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-05-08 20:15:00 UTC |
| Updated | 2023-07-27 04:15:00 UTC |
| Description | The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. A website may be able to track sensitive user information. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Apple | Ipad Os | All | All | All | All |
| Operating System | Apple | Iphone Os | All | All | All | All |
| Operating System | Apple | Macos | All | All | All | All |
| Application | Apple | Safari | All | All | All | All |
| Operating System | Apple | Tvos | All | All | All | All |
| Operating System | Apple | Watchos | All | All | All | All |
| Operating System | Debian | Debian Linux | 10.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| About the security content of macOS Ventura 13.3 - Apple Support | MISC | support.apple.com | |
| About the security content of iOS 16.4 and iPadOS 16.4 - Apple Support | MISC | support.apple.com | |
| Full Disclosure: APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4 | FULLDISC | seclists.org | |
| About the security content of Safari 16.4 - Apple Support | MISC | support.apple.com | |
| About the security content of watchOS 9.4 - Apple Support | MISC | support.apple.com | |
| WebKitGTK+: Multiple Vulnerabilities (GLSA 202305-32) — Gentoo security | GENTOO | security.gentoo.org | |
| About the security content of tvOS 16.4 - Apple Support | MISC | support.apple.com | |
| About the security content of iOS 15.7.4 and iPadOS 15.7.4 - Apple Support | MISC | support.apple.com | |
| [SECURITY] [DLA 3419-1] webkit2gtk security update | MLIST | lists.debian.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 161084 Oracle Enterprise Linux Security Update for webkit2gtk3 (ELSA-2023-6535)
- 161167 Oracle Enterprise Linux Security Update for webkit2gtk3 (ELSA-2023-7055)
- 181769 Debian Security Update for wpewebkit (DSA 5397-1)
- 181770 Debian Security Update for webkit2gtk (DSA 5396-1)
- 181780 Debian Security Update for webkit2gtk (DLA 3419-1)
- 184259 Debian Security Update for webkit2gtkwpewebkit (CVE-2023-27954)
- 199324 Ubuntu Security Notification for WebKitGTK Vulnerabilities (USN-6061-1)
- 242303 Red Hat Update for webkit2gtk3 (RHSA-2023:6535)
- 242457 Red Hat Update for webkit2gtk3 (RHSA-2023:7055)
- 283955 Fedora Security Update for webkitgtk (FEDORA-2023-a4bbf02a57)
- 283958 Fedora Security Update for webkit2gtk3 (FEDORA-2023-8900b35c6f)
- 284163 Fedora Security Update for webkitgtk (FEDORA-2023-5b61346bbe)
- 355438 Amazon Linux Security Advisory for webkitgtk4 : ALAS2-2023-2088
- 378187 Apple Safari Multiple Vulnerabilities (HT213671)
- 378189 Apple macOS Ventura 13.3 Not Installed (HT213670)
- 610474 Apple iOS 15.7.4 and iPadOS 15.7.4 Security Update Missing
- 610475 Apple iOS 16.4 and iPadOS 16.4 Security Update Missing
- 610476 Apple iOS 15.7.4 and iPadOS 15.7.4 Security Update Missing
- 710737 Gentoo Linux WebKitGTK+ Multiple Vulnerabilities (GLSA 202305-32)
- 753948 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:2056-1)
- 753959 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:2078-1)
- 753960 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:2077-1)
- 941362 AlmaLinux Security Update for webkit2gtk3 (ALSA-2023:6535)
- 941448 AlmaLinux Security Update for webkit2gtk3 (ALSA-2023:7055)