VDB
DEBIAN-CVE-2024-27856
DEBIAN-CVE-2024-27856
PUBLISHED
CVSS 7.800000190734863 HIGH
The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing a file may lead to unexpected app termination or arbitrary code execution.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | webkit2gtk | 0, 0 |
| Debian:11 | webkit2gtk | 2.42.4-1, 2.35.1-1, 2.37.1-2 |
| Debian:14 | wpewebkit | 0, 0 |
| Debian:12 | webkit2gtk | 2.45.3-1, 0, 2.40.2-1 |
| Debian:13 | wpewebkit | 0, 0 |
| Debian:11 | wpewebkit | 2.42.0-1, 2.40.5-1, 2.40.3-1 |
| Debian:12 | wpewebkit | 2.50.6-1, 2.42.2-1, 2.50.2-1 |
| Debian:13 | webkit2gtk | 0, 0 |
Exploit Intelligence
- index6.html (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
- ios_v2_generated.go (github-poc)
- ios_v1_generated.go (github-poc)
- safari_v2_generated.go (github-poc)
Timeline
- Jan 15, 2025 CVE Published
- Apr 28, 2026 CVE Updated