vulnerability
Oracle Linux: CVE-2024-40789: ELSA-2024-8180: webkit2gtk3 security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Jul 29, 2024 | Oct 16, 2024 | Dec 3, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
Jul 29, 2024
Added
Oct 16, 2024
Modified
Dec 3, 2025
Description
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.
A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds read due to improper bounds checking, causing an unexpected process crash, resulting in a denial of service.
A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds read due to improper bounds checking, causing an unexpected process crash, resulting in a denial of service.
Solutions
oracle-linux-upgrade-webkit2gtk3oracle-linux-upgrade-webkit2gtk3-develoracle-linux-upgrade-webkit2gtk3-jscoracle-linux-upgrade-webkit2gtk3-jsc-devel
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.