Home

CVE-2019-8674

Description

A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting.

Risk Information

Base Score
6.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.624

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2019-8674,CVE-2019-8728 are affected in Apple Safari for MAC 12.1.2Mac
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-2.28.2-2.el7.i686.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-2.28.2-2.el7.x86_64.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-devel-2.28.2-2.el7.i686.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-devel-2.28.2-2.el7.x86_64.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-doc-2.28.2-2.el7.noarch.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-2.28.2-2.el7.i686.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-2.28.2-2.el7.i686.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-devel-2.28.2-2.el7.i686.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-2.28.2-2.el7.i686.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-2.28.2-2.el7.x86_64.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-devel-2.28.2-2.el7.x86_64.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-doc-2.28.2-2.el7.noarch.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-debuginfo-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-debuginfo-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk3-lang-2.34.3-2.82.1.noarch.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2-4_0-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-debuginfo-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk3-debugsource-2.34.3-2.82.1.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-611604Apple Safari for MAC (MacOS Sonoma) (18.6)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234