vulnerability
CentOS Linux: CVE-2023-40451: Important: webkit2gtk3 security and bug fix update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Sep 27, 2023 | Nov 8, 2023 | Jan 28, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Sep 27, 2023
Added
Nov 8, 2023
Modified
Jan 28, 2025
Description
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code.
Solutions
centos-upgrade-webkit2gtk3centos-upgrade-webkit2gtk3-debuginfocentos-upgrade-webkit2gtk3-debugsourcecentos-upgrade-webkit2gtk3-develcentos-upgrade-webkit2gtk3-devel-debuginfocentos-upgrade-webkit2gtk3-jsccentos-upgrade-webkit2gtk3-jsc-debuginfocentos-upgrade-webkit2gtk3-jsc-develcentos-upgrade-webkit2gtk3-jsc-devel-debuginfo
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.