XAML injection In wpewebkit
Description
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. Processing web content may lead to arbitrary code execution.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 debian 14 | >=0 <2.42.5-1 | 2.42.5-1 | |
debian 13 | >=0 <2.42.5-1 | 2.42.5-1 | |
debian 11 | =2.32.3-1 || =2.32.4-1 || =2.32.4-1~deb10u1 || =2.32.4-1~deb11u1 || =2.33.1-1 || =2.33.2-1 || =2.33.3-1 || =2.33.90-1 || =2.33.91-1 || =2.34.0-1 || =2.34.0-1~bpo11+1 || =2.34.1-1 || =2.34.1-1~deb10u1 || =2.34.1-1~deb11u1 || =2.34.2-1 || =2.34.2-1~bpo11+1 || =2.34.3-1 || =2.34.3-1~deb10u1 || =2.34.3-1~deb11u1 || =2.34.4-1 || =2.34.4-1~deb10u1 || =2.34.4-1~deb11u1 || =2.34.5-1 || =2.34.6-1 || =2.34.6-1~deb10u1 || =2.34.6-1~deb11u1 || =2.35.1-1 || =2.35.2-1 || =2.35.3-1 || =2.35.90-1 || =2.36.0-1 || =2.36.0-2 || =2.36.0-3 || =2.36.0-3~deb10u1 || =2.36.0-3~deb11u1 || =2.36.1-1 || =2.36.2-1 || =2.36.3-1 || =2.36.3-1~deb10u1 || =2.36.3-1~deb11u1 || =2.36.4-1 || =2.36.4-1~deb10u1 || =2.36.4-1~deb11u1 || =2.36.6-1 || =2.36.6-1~deb10u1 || =2.36.6-1~deb11u1 || =2.36.7-1 || =2.36.7-1~deb10u1 || =2.36.7-1~deb11u1 || =2.37.1-1 || =2.37.1-2 || =2.37.90-1 || =2.37.91-1 || =2.38.0-1 || =2.38.0-1~deb10u1 || =2.38.0-1~deb11u1 || =2.38.0-2 || =2.38.0-3 || =2.38.1-1 || =2.38.2-1 || =2.38.2-1~deb10u1 || =2.38.2-1~deb11u1 || =2.38.3-1 || =2.38.3-1~deb10u1 || =2.38.3-1~deb11u1 || =2.38.4-1 || =2.38.4-2 || =2.38.4-2~deb10u1 || =2.38.4-2~deb11u1 || =2.38.5-1 || =2.38.5-1+m68k || =2.38.5-1~deb10u1 || =2.38.5-1~deb11u1 || =2.39.1-1 || =2.39.2-1 || =2.39.3-1 || =2.39.4-1 || =2.39.5-1 || =2.39.7-1 || =2.39.90-1 || =2.39.91-1 || =2.40.0-1 || =2.40.0-2 || =2.40.0-3 || =2.40.1-1 || =2.40.1-1~deb11u1 || =2.40.2-1 || =2.40.2-1~deb11u1 || =2.40.2-1~deb12u1 || =2.40.3-1 || =2.40.3-2 || =2.40.3-2~deb11u1 || =2.40.3-2~deb11u2 || =2.40.3-2~deb12u1 || =2.40.3-2~deb12u2 || =2.40.4-1 || =2.40.5-1 || =2.40.5-1~deb11u1 || =2.40.5-1~deb12u1 || =2.41.4-1 || =2.41.5-1 || =2.41.6-1 || =2.41.90-1 || =2.41.91-1 || =2.41.91-2 || =2.41.92-1 || =2.42.0-1 || =2.42.0-1~bpo12+1 || =2.42.1-1 || =2.42.1-1~bpo12+1 || =2.42.1-1~deb11u1 || =2.42.1-1~deb11u2 || =2.42.1-1~deb12u1 || =2.42.1-2 || =2.42.2-1 || =2.42.2-1~deb11u1 || =2.42.2-1~deb12u1 || =2.42.3-1 || =2.42.3-1~deb11u1 || =2.42.3-1~deb12u1 || =2.42.4-1 || =2.42.4-1~deb11u1 || =2.42.4-1~deb12u1 || >=0 <2.42.5-1~deb11u1 | 2.42.5-1~deb11u1 | |
debian 12 | =2.40.1-1 || =2.40.2-1 || =2.40.2-1~deb11u1 || =2.40.2-1~deb12u1 || =2.40.3-1 || =2.40.3-2 || =2.40.3-2~deb11u1 || =2.40.3-2~deb11u2 || =2.40.3-2~deb12u1 || =2.40.3-2~deb12u2 || =2.40.4-1 || =2.40.5-1 || =2.40.5-1~deb11u1 || =2.40.5-1~deb12u1 || =2.41.4-1 || =2.41.5-1 || =2.41.6-1 || =2.41.90-1 || =2.41.91-1 || =2.41.91-2 || =2.41.92-1 || =2.42.0-1 || =2.42.0-1~bpo12+1 || =2.42.1-1 || =2.42.1-1~bpo12+1 || =2.42.1-1~deb11u1 || =2.42.1-1~deb11u2 || =2.42.1-1~deb12u1 || =2.42.1-2 || =2.42.2-1 || =2.42.2-1~deb11u1 || =2.42.2-1~deb12u1 || =2.42.3-1 || =2.42.3-1~deb11u1 || =2.42.3-1~deb12u1 || =2.42.4-1 || =2.42.4-1~deb11u1 || =2.42.4-1~deb12u1 || =2.42.5-1~deb11u1 || >=0 <2.42.5-1~deb12u1 | 2.42.5-1~deb12u1 | |
debian 14 | >=0 <2.42.5-1 | 2.42.5-1 | |
debian 11 | =2.32.3-2 || =2.32.4-1 || =2.32.4-1~deb11u1 || =2.34.1-1 || =2.34.1-1~deb11u1 || =2.34.2-1 || =2.34.3-1 || =2.34.3-1~deb11u1 || =2.34.4-1 || =2.34.4-1~deb11u1 || =2.34.5-1 || =2.34.6-1 || =2.34.6-1~deb11u1 || =2.36.0-1 || =2.36.0-2 || =2.36.0-2~deb11u1 || =2.36.1-1 || =2.36.3-1 || =2.36.3-1~deb11u1 || =2.36.4-1 || =2.36.4-1~deb11u1 || =2.36.6-1 || =2.36.6-1~deb11u1 || =2.36.7-1 || =2.36.7-1~deb11u1 || =2.38.0-1 || =2.38.0-1~deb11u1 || =2.38.1-1 || =2.38.2-1 || =2.38.2-1~deb11u1 || =2.38.3-1 || =2.38.3-1~deb11u1 || =2.38.4-1 || =2.38.4-1~deb11u1 || =2.38.5-1 || =2.38.5-1~deb11u1 || =2.38.6-1 || =2.38.6-1~deb11u1 || =2.39.91-1 || =2.40.0-1 || =2.40.1-1 || =2.40.2-1 || =2.40.2-2 || =2.40.3-1 || =2.40.4-1 || =2.40.5-1 || =2.42.0-1 || =2.42.1-1 || =2.42.2-1 || =2.42.3-1 || =2.42.4-1 || =2.42.5-1 || =2.42.5-1.1 || =2.42.5-1.1~exp1 || =2.42.5-1.2 || =2.42.5-2~exp || =2.44.1-1 || =2.44.2-1 || =2.44.2-2 || =2.44.3-1 || =2.44.4-1 || =2.46.1-1 || =2.46.2-1 || =2.46.3-1 || =2.46.4-1 || =2.46.5-1 || =2.46.6-1 || =2.48.0-1 || =2.48.1-1 || =2.48.1-2 || =2.48.2-1 || =2.48.3-1 || =2.48.5-1 || =2.48.6-1 || =2.48.6-2 || =2.50.0-1 || =2.50.0-2 || =2.50.1-1 || =2.50.2-1 || =2.50.3-1 || =2.50.4-1 || =2.50.5-1 || =2.50.6-1 || =2.52.0-1 || =2.52.1-1 || =2.52.2-1 || =2.52.2-2 || =2.52.3-1 | - | |
debian 12 | =2.38.6-1 || =2.39.91-1 || =2.40.0-1 || =2.40.1-1 || =2.40.2-1 || =2.40.2-2 || =2.40.3-1 || =2.40.4-1 || =2.40.5-1 || =2.42.0-1 || =2.42.1-1 || =2.42.2-1 || =2.42.3-1 || =2.42.4-1 || =2.42.5-1 || =2.42.5-1.1 || =2.42.5-1.1~exp1 || =2.42.5-1.2 || =2.42.5-2~exp || =2.44.1-1 || =2.44.2-1 || =2.44.2-2 || =2.44.3-1 || =2.44.4-1 || =2.46.1-1 || =2.46.2-1 || =2.46.3-1 || =2.46.4-1 || =2.46.5-1 || =2.46.6-1 || =2.48.0-1 || =2.48.1-1 || =2.48.1-2 || =2.48.2-1 || =2.48.3-1 || =2.48.5-1 || =2.48.6-1 || =2.48.6-2 || =2.50.0-1 || =2.50.0-2 || =2.50.1-1 || =2.50.2-1 || =2.50.3-1 || =2.50.4-1 || =2.50.5-1 || =2.50.6-1 || =2.52.0-1 || =2.52.1-1 || =2.52.2-1 || =2.52.2-2 || =2.52.3-1 | - | |
debian 13 | >=0 <2.42.5-1 | 2.42.5-1 | |
 rpm rhel6 | - | - | |
rpm rhel7 | - | - |
Does your application use this vulnerable software?
During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.