CVE-2021-30897
Description
An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.312
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-debuginfo-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-debuginfo-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk3-lang-2.34.3-2.82.1.noarch.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2-4_0-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-debuginfo-2.34.3-2.82.1.x86_64.rpm | Linux |
| SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk3-debugsource-2.34.3-2.82.1.x86_64.rpm | Linux |
| (RHSA-2022:1777) webkit2gtk3 security, bug fix, and enhancement update webkit2gtk3-debugsource-2.34.6-1.el8.i686.rpm | Linux |
| (RHSA-2022:1777) webkit2gtk3 security, bug fix, and enhancement update webkit2gtk3-debugsource-2.34.6-1.el8.x86_64.rpm | Linux |
| (RHSA-2022:1777) webkit2gtk3 security, bug fix, and enhancement update webkit2gtk3-devel-2.34.6-1.el8.i686.rpm | Linux |
| (RHSA-2022:1777) webkit2gtk3 security, bug fix, and enhancement update webkit2gtk3-devel-2.34.6-1.el8.x86_64.rpm | Linux |
| (RHSA-2022:1777) webkit2gtk3 security, bug fix, and enhancement update webkit2gtk3-jsc-devel-2.34.6-1.el8.i686.rpm | Linux |
| (RHSA-2022:1777) webkit2gtk3 security, bug fix, and enhancement update webkit2gtk3-jsc-devel-2.34.6-1.el8.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234