JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote malicious users to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssemblerARM64.h, assembler/MacroAssemblerX86Common.h, and wasm/WasmB3IRGenerator.cpp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple safari 18 |