This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code.
Synopsis
Important: webkit2gtk3 security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this ...
Synopsis
Important: webkit2gtk3 security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this ...
Impact: Visiting a website that frames malicious content may lead to UI spoofing
Description: The issue was addressed with improved UI handling (CVE-2022-32919)
A website may be able to track the websites a user visited in Safari private browsing mode (CVE-2022-32933)
A spoofing issue existed in the handling of URLs This issue was addressed wit ...
DescriptionThe MITRE CVE dictionary describes this issue as: This issue was addressed with improved iframe sandbox enforcement This issue is fixed in Safari 17 An attacker with JavaScript execution may be able to execute arbitrary code ...
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security releases page
Apple security documents reference vulnerabilities by CVE-ID whe ...
Vulmon