csaf_suse - suse-su-2024:3751-1

Vulnerability from csaf_suse

Published

2024-10-24 01:33

Modified

2024-10-24 01:33

Summary

Security update for webkit2gtk3

Notes

Title of the patch

Security update for webkit2gtk3

Description of the patch

This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 (bsc#1231039). - CVE-2024-40866 - CVE-2024-44187 Already fixed in version 2.44.3: - CVE-2024-4558 - CVE-2024-27838 - CVE-2024-27851 Already fixed in version 2.44.2: - CVE-2024-27834 - CVE-2024-27808 - CVE-2024-27820 - CVE-2024-27833 Already fixed in version 2.44.1: - CVE-2024-23222 - CVE-2024-23206 - CVE-2024-23213 - CVE-2024-23271

Patchnames

SUSE-2024-3751,SUSE-SLE-SERVER-12-SP5-LTSS-2024-3751,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3751

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for webkit2gtk3",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update for webkit2gtk3 fixes the following issues:\n\nUpdate to version 2.46.0 (bsc#1231039).\n\n- CVE-2024-40866\n- CVE-2024-44187\n\nAlready fixed in version 2.44.3:\n\n- CVE-2024-4558\n- CVE-2024-27838\n- CVE-2024-27851\n\nAlready fixed in version 2.44.2:\n\n- CVE-2024-27834\n- CVE-2024-27808\n- CVE-2024-27820\n- CVE-2024-27833\n\nAlready fixed in version 2.44.1:\n\n- CVE-2024-23222\n- CVE-2024-23206\n- CVE-2024-23213\n- CVE-2024-23271\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-3751,SUSE-SLE-SERVER-12-SP5-LTSS-2024-3751,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3751",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3751-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:3751-1",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20243751-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:3751-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019676.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231039",
            url: "https://bugzilla.suse.com/1231039",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-23213 page",
            url: "https://www.suse.com/security/cve/CVE-2024-23213/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-23271 page",
            url: "https://www.suse.com/security/cve/CVE-2024-23271/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-27808 page",
            url: "https://www.suse.com/security/cve/CVE-2024-27808/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-27820 page",
            url: "https://www.suse.com/security/cve/CVE-2024-27820/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-27833 page",
            url: "https://www.suse.com/security/cve/CVE-2024-27833/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-27834 page",
            url: "https://www.suse.com/security/cve/CVE-2024-27834/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-27838 page",
            url: "https://www.suse.com/security/cve/CVE-2024-27838/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-27851 page",
            url: "https://www.suse.com/security/cve/CVE-2024-27851/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-40866 page",
            url: "https://www.suse.com/security/cve/CVE-2024-40866/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44187 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44187/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-4558 page",
            url: "https://www.suse.com/security/cve/CVE-2024-4558/",
         },
      ],
      title: "Security update for webkit2gtk3",
      tracking: {
         current_release_date: "2024-10-24T01:33:35Z",
         generator: {
            date: "2024-10-24T01:33:35Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:3751-1",
         initial_release_date: "2024-10-24T01:33:35Z",
         revision_history: [
            {
               date: "2024-10-24T01:33:35Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                        product: {
                           name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                           product_id: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                        product: {
                           name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                           product_id: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                        product: {
                           name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                           product_id: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                        product: {
                           name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                           product_id: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                        product: {
                           name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                           product_id: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit-jsc-4-2.46.0-4.15.1.aarch64",
                        product: {
                           name: "webkit-jsc-4-2.46.0-4.15.1.aarch64",
                           product_id: "webkit-jsc-4-2.46.0-4.15.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                        product: {
                           name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                           product_id: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk3-devel-2.46.0-4.15.1.aarch64",
                        product: {
                           name: "webkit2gtk3-devel-2.46.0-4.15.1.aarch64",
                           product_id: "webkit2gtk3-devel-2.46.0-4.15.1.aarch64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk3-minibrowser-2.46.0-4.15.1.aarch64",
                        product: {
                           name: "webkit2gtk3-minibrowser-2.46.0-4.15.1.aarch64",
                           product_id: "webkit2gtk3-minibrowser-2.46.0-4.15.1.aarch64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libjavascriptcoregtk-4_0-18-64bit-2.46.0-4.15.1.aarch64_ilp32",
                        product: {
                           name: "libjavascriptcoregtk-4_0-18-64bit-2.46.0-4.15.1.aarch64_ilp32",
                           product_id: "libjavascriptcoregtk-4_0-18-64bit-2.46.0-4.15.1.aarch64_ilp32",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libwebkit2gtk-4_0-37-64bit-2.46.0-4.15.1.aarch64_ilp32",
                        product: {
                           name: "libwebkit2gtk-4_0-37-64bit-2.46.0-4.15.1.aarch64_ilp32",
                           product_id: "libwebkit2gtk-4_0-37-64bit-2.46.0-4.15.1.aarch64_ilp32",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "aarch64_ilp32",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.i586",
                        product: {
                           name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.i586",
                           product_id: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.i586",
                        product: {
                           name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.i586",
                           product_id: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.i586",
                        product: {
                           name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.i586",
                           product_id: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.i586",
                        product: {
                           name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.i586",
                           product_id: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.i586",
                        product: {
                           name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.i586",
                           product_id: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit-jsc-4-2.46.0-4.15.1.i586",
                        product: {
                           name: "webkit-jsc-4-2.46.0-4.15.1.i586",
                           product_id: "webkit-jsc-4-2.46.0-4.15.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.i586",
                        product: {
                           name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.i586",
                           product_id: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk3-devel-2.46.0-4.15.1.i586",
                        product: {
                           name: "webkit2gtk3-devel-2.46.0-4.15.1.i586",
                           product_id: "webkit2gtk3-devel-2.46.0-4.15.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk3-minibrowser-2.46.0-4.15.1.i586",
                        product: {
                           name: "webkit2gtk3-minibrowser-2.46.0-4.15.1.i586",
                           product_id: "webkit2gtk3-minibrowser-2.46.0-4.15.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                        product: {
                           name: "libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                           product_id: "libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                        product: {
                           name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                           product_id: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                        product: {
                           name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                           product_id: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                        product: {
                           name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                           product_id: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                        product: {
                           name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                           product_id: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                        product: {
                           name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                           product_id: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit-jsc-4-2.46.0-4.15.1.ppc64le",
                        product: {
                           name: "webkit-jsc-4-2.46.0-4.15.1.ppc64le",
                           product_id: "webkit-jsc-4-2.46.0-4.15.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                        product: {
                           name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                           product_id: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk3-devel-2.46.0-4.15.1.ppc64le",
                        product: {
                           name: "webkit2gtk3-devel-2.46.0-4.15.1.ppc64le",
                           product_id: "webkit2gtk3-devel-2.46.0-4.15.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk3-minibrowser-2.46.0-4.15.1.ppc64le",
                        product: {
                           name: "webkit2gtk3-minibrowser-2.46.0-4.15.1.ppc64le",
                           product_id: "webkit2gtk3-minibrowser-2.46.0-4.15.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                        product: {
                           name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                           product_id: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                        product: {
                           name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                           product_id: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                        product: {
                           name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                           product_id: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                        product: {
                           name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                           product_id: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                        product: {
                           name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                           product_id: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit-jsc-4-2.46.0-4.15.1.s390x",
                        product: {
                           name: "webkit-jsc-4-2.46.0-4.15.1.s390x",
                           product_id: "webkit-jsc-4-2.46.0-4.15.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                        product: {
                           name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                           product_id: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk3-devel-2.46.0-4.15.1.s390x",
                        product: {
                           name: "webkit2gtk3-devel-2.46.0-4.15.1.s390x",
                           product_id: "webkit2gtk3-devel-2.46.0-4.15.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk3-minibrowser-2.46.0-4.15.1.s390x",
                        product: {
                           name: "webkit2gtk3-minibrowser-2.46.0-4.15.1.s390x",
                           product_id: "webkit2gtk3-minibrowser-2.46.0-4.15.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                           product_id: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libjavascriptcoregtk-4_0-18-32bit-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "libjavascriptcoregtk-4_0-18-32bit-2.46.0-4.15.1.x86_64",
                           product_id: "libjavascriptcoregtk-4_0-18-32bit-2.46.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                           product_id: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libwebkit2gtk-4_0-37-32bit-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "libwebkit2gtk-4_0-37-32bit-2.46.0-4.15.1.x86_64",
                           product_id: "libwebkit2gtk-4_0-37-32bit-2.46.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                           product_id: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                           product_id: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                           product_id: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit-jsc-4-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "webkit-jsc-4-2.46.0-4.15.1.x86_64",
                           product_id: "webkit-jsc-4-2.46.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                           product_id: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk3-devel-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "webkit2gtk3-devel-2.46.0-4.15.1.x86_64",
                           product_id: "webkit2gtk3-devel-2.46.0-4.15.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "webkit2gtk3-minibrowser-2.46.0-4.15.1.x86_64",
                        product: {
                           name: "webkit2gtk3-minibrowser-2.46.0-4.15.1.x86_64",
                           product_id: "webkit2gtk3-minibrowser-2.46.0-4.15.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 12 SP5-LTSS",
                        product: {
                           name: "SUSE Linux Enterprise Server 12 SP5-LTSS",
                           product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles-ltss-extended-security:12:sp5",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
                        product: {
                           name: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
                           product_id: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles-ltss-extended-security:12:sp5",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
            },
            product_reference: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
            },
            product_reference: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
            },
            product_reference: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
            },
            product_reference: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
            },
            product_reference: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
            },
            product_reference: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
            },
            product_reference: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
            },
            product_reference: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwebkit2gtk3-lang-2.46.0-4.15.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
            },
            product_reference: "libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
            },
            product_reference: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
            },
            product_reference: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
            },
            product_reference: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
            },
            product_reference: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
            },
            product_reference: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
            },
            product_reference: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
            },
            product_reference: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
            },
            product_reference: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
            },
            product_reference: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
            },
            product_reference: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
            },
            product_reference: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
            },
            product_reference: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
            },
            product_reference: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
            },
            product_reference: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
            },
            product_reference: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            },
            product_reference: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
               product_id: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
            },
            product_reference: "libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
               product_id: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
            },
            product_reference: "libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwebkit2gtk3-lang-2.46.0-4.15.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
               product_id: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
            },
            product_reference: "libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
               product_id: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
            },
            product_reference: "typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
               product_id: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
            },
            product_reference: "typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
               product_id: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
            },
            product_reference: "typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
               product_id: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            },
            product_reference: "webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-23213",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-23213",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-23213",
               url: "https://www.suse.com/security/cve/CVE-2024-23213",
            },
            {
               category: "external",
               summary: "SUSE Bug 1219604 for CVE-2024-23213",
               url: "https://bugzilla.suse.com/1219604",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "important",
            },
         ],
         title: "CVE-2024-23213",
      },
      {
         cve: "CVE-2024-23271",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-23271",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-23271",
               url: "https://www.suse.com/security/cve/CVE-2024-23271",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231039 for CVE-2024-23271",
               url: "https://bugzilla.suse.com/1231039",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "important",
            },
         ],
         title: "CVE-2024-23271",
      },
      {
         cve: "CVE-2024-27808",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-27808",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-27808",
               url: "https://www.suse.com/security/cve/CVE-2024-27808",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231039 for CVE-2024-27808",
               url: "https://bugzilla.suse.com/1231039",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "important",
            },
         ],
         title: "CVE-2024-27808",
      },
      {
         cve: "CVE-2024-27820",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-27820",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-27820",
               url: "https://www.suse.com/security/cve/CVE-2024-27820",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231039 for CVE-2024-27820",
               url: "https://bugzilla.suse.com/1231039",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "important",
            },
         ],
         title: "CVE-2024-27820",
      },
      {
         cve: "CVE-2024-27833",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-27833",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5. Processing maliciously crafted web content may lead to arbitrary code execution.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-27833",
               url: "https://www.suse.com/security/cve/CVE-2024-27833",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231039 for CVE-2024-27833",
               url: "https://bugzilla.suse.com/1231039",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "important",
            },
         ],
         title: "CVE-2024-27833",
      },
      {
         cve: "CVE-2024-27834",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-27834",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-27834",
               url: "https://www.suse.com/security/cve/CVE-2024-27834",
            },
            {
               category: "external",
               summary: "SUSE Bug 1225071 for CVE-2024-27834",
               url: "https://bugzilla.suse.com/1225071",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "important",
            },
         ],
         title: "CVE-2024-27834",
      },
      {
         cve: "CVE-2024-27838",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-27838",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The issue was addressed by adding additional logic. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-27838",
               url: "https://www.suse.com/security/cve/CVE-2024-27838",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231039 for CVE-2024-27838",
               url: "https://bugzilla.suse.com/1231039",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "important",
            },
         ],
         title: "CVE-2024-27838",
      },
      {
         cve: "CVE-2024-27851",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-27851",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-27851",
               url: "https://www.suse.com/security/cve/CVE-2024-27851",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231039 for CVE-2024-27851",
               url: "https://bugzilla.suse.com/1231039",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "important",
            },
         ],
         title: "CVE-2024-27851",
      },
      {
         cve: "CVE-2024-40866",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-40866",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-40866",
               url: "https://www.suse.com/security/cve/CVE-2024-40866",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231039 for CVE-2024-40866",
               url: "https://bugzilla.suse.com/1231039",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "important",
            },
         ],
         title: "CVE-2024-40866",
      },
      {
         cve: "CVE-2024-44187",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44187",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A cross-origin issue existed with \"iframe\" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44187",
               url: "https://www.suse.com/security/cve/CVE-2024-44187",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231039 for CVE-2024-44187",
               url: "https://bugzilla.suse.com/1231039",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "important",
            },
         ],
         title: "CVE-2024-44187",
      },
      {
         cve: "CVE-2024-4558",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-4558",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
               "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
               "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-4558",
               url: "https://www.suse.com/security/cve/CVE-2024-4558",
            },
            {
               category: "external",
               summary: "SUSE Bug 1224045 for CVE-2024-4558",
               url: "https://bugzilla.suse.com/1224045",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 9.6,
                  baseSeverity: "CRITICAL",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.aarch64",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP5-LTSS:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libjavascriptcoregtk-4_0-18-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk-4_0-37-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libwebkit2gtk3-lang-2.46.0-4.15.1.noarch",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-JavaScriptCore-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:typelib-1_0-WebKit2WebExtension-4_0-2.46.0-4.15.1.x86_64",
                  "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:webkit2gtk-4_0-injected-bundles-2.46.0-4.15.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-24T01:33:35Z",
               details: "critical",
            },
         ],
         title: "CVE-2024-4558",
      },
   ],
}

cve-2024-4558

Vulnerability from cvelistv5

Published

2024-05-07 19:02

Modified

2025-02-13 17:53

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

References

▼	URL	Tags
	https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html
	https://issues.chromium.org/issues/337766133
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/
	http://seclists.org/fulldisclosure/2024/Jul/16
	http://seclists.org/fulldisclosure/2024/Jul/15
	http://seclists.org/fulldisclosure/2024/Jul/18

Impacted products

	Vendor	Product	Version
	Google	Chrome	Version: 124.0.6367.155 < 124.0.6367.155

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "chrome",
                  vendor: "google",
                  versions: [
                     {
                        lessThan: "124.0.6367.155",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "HIGH",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 7.5,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-4558",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-09T04:00:46.590652Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-416",
                        description: "CWE-416 Use After Free",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:56:02.234Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T20:47:40.556Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://issues.chromium.org/issues/337766133",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jul/16",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jul/15",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jul/18",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Chrome",
               vendor: "Google",
               versions: [
                  {
                     lessThan: "124.0.6367.155",
                     status: "affected",
                     version: "124.0.6367.155",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Use after free",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-07-30T00:06:13.867Z",
            orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
            shortName: "Chrome",
         },
         references: [
            {
               url: "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html",
            },
            {
               url: "https://issues.chromium.org/issues/337766133",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jul/16",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jul/15",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jul/18",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
      assignerShortName: "Chrome",
      cveId: "CVE-2024-4558",
      datePublished: "2024-05-07T19:02:22.673Z",
      dateReserved: "2024-05-06T18:32:23.603Z",
      dateUpdated: "2025-02-13T17:53:35.866Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-23271

Vulnerability from cvelistv5

Published

2024-04-24 16:43

Modified

2025-02-13 17:39

Severity ?

7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Summary

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior.

References

▼	URL	Tags
	https://support.apple.com/en-us/HT214059
	https://support.apple.com/en-us/HT214055
	https://support.apple.com/en-us/HT214056
	https://support.apple.com/en-us/HT214060
	https://support.apple.com/en-us/HT214061
	https://support.apple.com/kb/HT214060
	https://support.apple.com/kb/HT214059
	https://support.apple.com/kb/HT214061
	https://support.apple.com/kb/HT214055
	https://support.apple.com/kb/HT214056

Impacted products

Vendor

Product

Version

▼

Apple

iOS and iPadOS

Version: unspecified < 17.3

Apple	tvOS	Version: unspecified < 17.3
Apple	Safari	Version: unspecified < 17.3
Apple	watchOS	Version: unspecified < 10.3
Apple	macOS	Version: unspecified < 14.3

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:apple:ios:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "ios",
                  vendor: "apple",
                  versions: [
                     {
                        status: "affected",
                        version: "*",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "LOW",
                     baseScore: 7.3,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "LOW",
                     integrityImpact: "LOW",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-23271",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-01T17:21:25.656286Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-284",
                        description: "CWE-284 Improper Access Control",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:45:53.010Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T22:59:32.112Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214059",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214055",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214056",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214060",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214061",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214060",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214059",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214061",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214055",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214056",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "tvOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Safari",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "watchOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "10.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "macOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "14.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "A malicious website may cause unexpected cross-origin behavior",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-12T09:05:57.489Z",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               url: "https://support.apple.com/en-us/HT214059",
            },
            {
               url: "https://support.apple.com/en-us/HT214055",
            },
            {
               url: "https://support.apple.com/en-us/HT214056",
            },
            {
               url: "https://support.apple.com/en-us/HT214060",
            },
            {
               url: "https://support.apple.com/en-us/HT214061",
            },
            {
               url: "https://support.apple.com/kb/HT214060",
            },
            {
               url: "https://support.apple.com/kb/HT214059",
            },
            {
               url: "https://support.apple.com/kb/HT214061",
            },
            {
               url: "https://support.apple.com/kb/HT214055",
            },
            {
               url: "https://support.apple.com/kb/HT214056",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2024-23271",
      datePublished: "2024-04-24T16:43:43.625Z",
      dateReserved: "2024-01-12T22:22:21.498Z",
      dateUpdated: "2025-02-13T17:39:21.019Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-27838

Vulnerability from cvelistv5

Published

2024-06-10 20:56

Modified

2025-03-17 14:34

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Summary

The issue was addressed by adding additional logic. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user.

References

▼	URL	Tags
	https://support.apple.com/en-us/HT214101
	https://support.apple.com/en-us/HT214100
	https://support.apple.com/en-us/HT214106
	https://support.apple.com/en-us/HT214108
	https://support.apple.com/en-us/HT214104
	https://support.apple.com/en-us/HT214103
	https://support.apple.com/en-us/HT214102
	http://seclists.org/fulldisclosure/2024/Jun/5

Impacted products

Vendor

Product

Version

▼

Apple

iOS and iPadOS

Version: unspecified < 17.5

Apple	iOS and iPadOS	Version: unspecified < 16.7
Apple	macOS	Version: unspecified < 14.5
Apple	visionOS	Version: unspecified < 1.2
Apple	watchOS	Version: unspecified < 10.5
Apple	Safari	Version: unspecified < 17.5
Apple	tvOS	Version: unspecified < 17.5

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T00:41:55.887Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214101",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214100",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214106",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214108",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214104",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214103",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214102",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jun/5",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "NONE",
                     baseScore: 6.5,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "NONE",
                     integrityImpact: "HIGH",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-27838",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-08-19T14:48:32.637340Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-79",
                        description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-17T14:34:16.793Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "16.7",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "macOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "14.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "visionOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "1.2",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "watchOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "10.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Safari",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "tvOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The issue was addressed by adding additional logic. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "A maliciously crafted webpage may be able to fingerprint the user",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-12T04:06:33.395Z",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               url: "https://support.apple.com/en-us/HT214101",
            },
            {
               url: "https://support.apple.com/en-us/HT214100",
            },
            {
               url: "https://support.apple.com/en-us/HT214106",
            },
            {
               url: "https://support.apple.com/en-us/HT214108",
            },
            {
               url: "https://support.apple.com/en-us/HT214104",
            },
            {
               url: "https://support.apple.com/en-us/HT214103",
            },
            {
               url: "https://support.apple.com/en-us/HT214102",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jun/5",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2024-27838",
      datePublished: "2024-06-10T20:56:40.587Z",
      dateReserved: "2024-02-26T15:32:28.528Z",
      dateUpdated: "2025-03-17T14:34:16.793Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-44187

Vulnerability from cvelistv5

Published

2024-09-16 23:23

Modified

2025-03-14 15:25

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Summary

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.

References

▼	URL	Tags
	https://support.apple.com/en-us/121238
	https://support.apple.com/en-us/121248
	https://support.apple.com/en-us/121249
	https://support.apple.com/en-us/121250
	https://support.apple.com/en-us/121240
	https://support.apple.com/en-us/121241

Impacted products

Vendor

Product

Version

▼

Apple

macOS

Version: unspecified < 15

Apple	tvOS	Version: unspecified < 18
Apple	visionOS	Version: unspecified < 2
Apple	iOS and iPadOS	Version: unspecified < 18
Apple	watchOS	Version: unspecified < 11
Apple	Safari	Version: unspecified < 18

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "NONE",
                     baseScore: 6.5,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "NONE",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-44187",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-17T13:44:18.458972Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-346",
                        description: "CWE-346 Origin Validation Error",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-14T15:25:26.428Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "macOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "15",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "tvOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "18",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "visionOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "2",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "18",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "watchOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "11",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Safari",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "18",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A cross-origin issue existed with \"iframe\" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "A malicious website may exfiltrate data cross-origin",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-16T23:23:16.230Z",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               url: "https://support.apple.com/en-us/121238",
            },
            {
               url: "https://support.apple.com/en-us/121248",
            },
            {
               url: "https://support.apple.com/en-us/121249",
            },
            {
               url: "https://support.apple.com/en-us/121250",
            },
            {
               url: "https://support.apple.com/en-us/121240",
            },
            {
               url: "https://support.apple.com/en-us/121241",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2024-44187",
      datePublished: "2024-09-16T23:23:16.230Z",
      dateReserved: "2024-08-20T21:42:05.933Z",
      dateUpdated: "2025-03-14T15:25:26.428Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-40866

Vulnerability from cvelistv5

Published

2024-09-16 23:22

Modified

2025-03-25 16:20

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Summary

The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.

References

▼	URL	Tags
	https://support.apple.com/en-us/121238
	https://support.apple.com/en-us/121241

Impacted products

Vendor

Product

Version

▼

Apple

macOS

Version: unspecified < 15

Apple

Safari

Version: unspecified < 18

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-40866",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-18T17:55:34.103087Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "NONE",
                     baseScore: 6.5,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "NONE",
                     integrityImpact: "HIGH",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                     version: "3.1",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        description: "CWE-noinfo Not enough information",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-25T16:20:43.654Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "macOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "15",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Safari",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "18",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Visiting a malicious website may lead to address bar spoofing",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-16T23:22:28.243Z",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               url: "https://support.apple.com/en-us/121238",
            },
            {
               url: "https://support.apple.com/en-us/121241",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2024-40866",
      datePublished: "2024-09-16T23:22:28.243Z",
      dateReserved: "2024-07-10T17:11:04.716Z",
      dateUpdated: "2025-03-25T16:20:43.654Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-27834

Vulnerability from cvelistv5

Published

2024-05-13 23:00

Modified

2025-02-13 17:46

Severity ?

8.1 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Summary

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

References

▼	URL	Tags
	https://support.apple.com/en-us/HT214101
	https://support.apple.com/en-us/HT214106
	https://support.apple.com/en-us/HT214104
	https://support.apple.com/en-us/HT214103
	https://support.apple.com/en-us/HT214102
	http://seclists.org/fulldisclosure/2024/May/17
	http://www.openwall.com/lists/oss-security/2024/05/21/1
	http://seclists.org/fulldisclosure/2024/May/10
	http://seclists.org/fulldisclosure/2024/May/9
	http://seclists.org/fulldisclosure/2024/May/12
	http://seclists.org/fulldisclosure/2024/May/16
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/

Impacted products

Vendor

Product

Version

▼

Apple

iOS and iPadOS

Version: unspecified < 17.5

Apple	macOS	Version: unspecified < 14.5
Apple	watchOS	Version: unspecified < 10.5
Apple	Safari	Version: unspecified < 17.5
Apple	tvOS	Version: unspecified < 17.5

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:apple:ipad_os:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "ipad_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "macos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "14.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:tvos:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tvos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "watchos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "10.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "iphone_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "HIGH",
                     attackVector: "LOCAL",
                     availabilityImpact: "HIGH",
                     baseScore: 8.1,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "NONE",
                     scope: "CHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-27834",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-16T04:00:11.988391Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-277",
                        description: "CWE-277 Insecure Inherited Permissions",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-06T15:23:00.293Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T00:41:55.789Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214101",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214106",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214104",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214103",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214102",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/May/17",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/05/21/1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/May/10",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/May/9",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/May/12",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/May/16",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "macOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "14.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "watchOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "10.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Safari",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "tvOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-22T02:06:12.235Z",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               url: "https://support.apple.com/en-us/HT214101",
            },
            {
               url: "https://support.apple.com/en-us/HT214106",
            },
            {
               url: "https://support.apple.com/en-us/HT214104",
            },
            {
               url: "https://support.apple.com/en-us/HT214103",
            },
            {
               url: "https://support.apple.com/en-us/HT214102",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/May/17",
            },
            {
               url: "http://www.openwall.com/lists/oss-security/2024/05/21/1",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/May/10",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/May/9",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/May/12",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/May/16",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2024-27834",
      datePublished: "2024-05-13T23:00:50.836Z",
      dateReserved: "2024-02-26T15:32:28.527Z",
      dateUpdated: "2025-02-13T17:46:56.201Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-27820

Vulnerability from cvelistv5

Published

2024-06-10 20:56

Modified

2025-02-13 17:46

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.

References

▼	URL	Tags
	https://support.apple.com/en-us/HT214101
	https://support.apple.com/en-us/HT214100
	https://support.apple.com/en-us/HT214106
	https://support.apple.com/en-us/HT214108
	https://support.apple.com/en-us/HT214104
	https://support.apple.com/en-us/HT214103
	https://support.apple.com/en-us/HT214102
	http://seclists.org/fulldisclosure/2024/Jun/5

Impacted products

Vendor

Product

Version

▼

Apple

iOS and iPadOS

Version: unspecified < 17.5

Apple	iOS and iPadOS	Version: unspecified < 16.7
Apple	macOS	Version: unspecified < 14.5
Apple	visionOS	Version: unspecified < 1.2
Apple	watchOS	Version: unspecified < 10.5
Apple	Safari	Version: unspecified < 17.5
Apple	tvOS	Version: unspecified < 17.5

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "iphone_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "16.7",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "ipad_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "16.7",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:mac_os:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mac_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "14.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "visionos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "1.2",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "watchos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "10.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "safari",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tvos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "HIGH",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 7.5,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-27820",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-13T00:00:00+00:00",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-119",
                        description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-14T03:56:09.764Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T00:41:55.470Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214101",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214100",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214106",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214108",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214104",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214103",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214102",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jun/5",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "16.7",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "macOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "14.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "visionOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "1.2",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "watchOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "10.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Safari",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "tvOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Processing web content may lead to arbitrary code execution",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-12T04:06:04.778Z",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               url: "https://support.apple.com/en-us/HT214101",
            },
            {
               url: "https://support.apple.com/en-us/HT214100",
            },
            {
               url: "https://support.apple.com/en-us/HT214106",
            },
            {
               url: "https://support.apple.com/en-us/HT214108",
            },
            {
               url: "https://support.apple.com/en-us/HT214104",
            },
            {
               url: "https://support.apple.com/en-us/HT214103",
            },
            {
               url: "https://support.apple.com/en-us/HT214102",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jun/5",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2024-27820",
      datePublished: "2024-06-10T20:56:43.282Z",
      dateReserved: "2024-02-26T15:32:28.523Z",
      dateUpdated: "2025-02-13T17:46:47.976Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-27833

Vulnerability from cvelistv5

Published

2024-06-10 20:56

Modified

2025-02-13 17:46

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5. Processing maliciously crafted web content may lead to arbitrary code execution.

References

▼	URL	Tags
	https://support.apple.com/en-us/HT214101
	https://support.apple.com/en-us/HT214100
	https://support.apple.com/en-us/HT214108
	https://support.apple.com/en-us/HT214103
	https://support.apple.com/en-us/HT214102
	http://seclists.org/fulldisclosure/2024/Jun/5

Impacted products

Vendor

Product

Version

▼

Apple

iOS and iPadOS

Version: unspecified < 17.5

Apple	iOS and iPadOS	Version: unspecified < 16.7
Apple	visionOS	Version: unspecified < 1.2
Apple	Safari	Version: unspecified < 17.5
Apple	tvOS	Version: unspecified < 17.5

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "iphone_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "16.7",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "ipad_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                     {
                        lessThan: "16.7",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:apple:visionos:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "visionos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "1.2",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "safari",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tvos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "HIGH",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 7.5,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-27833",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-13T00:00:00+00:00",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-190",
                        description: "CWE-190 Integer Overflow or Wraparound",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-14T03:56:11.309Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T00:41:55.143Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214101",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214100",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214108",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214103",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214102",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jun/5",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "16.7",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "visionOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "1.2",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Safari",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "tvOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5. Processing maliciously crafted web content may lead to arbitrary code execution.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Processing maliciously crafted web content may lead to arbitrary code execution",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-12T04:06:12.319Z",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               url: "https://support.apple.com/en-us/HT214101",
            },
            {
               url: "https://support.apple.com/en-us/HT214100",
            },
            {
               url: "https://support.apple.com/en-us/HT214108",
            },
            {
               url: "https://support.apple.com/en-us/HT214103",
            },
            {
               url: "https://support.apple.com/en-us/HT214102",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jun/5",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2024-27833",
      datePublished: "2024-06-10T20:56:35.536Z",
      dateReserved: "2024-02-26T15:32:28.526Z",
      dateUpdated: "2025-02-13T17:46:55.550Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-23213

Vulnerability from cvelistv5

Published

2024-01-23 00:25

Modified

2025-02-13 17:33

Severity ?

Summary

The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution.

References

▼	URL	Tags
	https://support.apple.com/en-us/HT214059
	https://support.apple.com/en-us/HT214063
	https://support.apple.com/en-us/HT214055
	https://support.apple.com/en-us/HT214056
	https://support.apple.com/en-us/HT214060
	https://support.apple.com/en-us/HT214061
	https://support.apple.com/kb/HT214060
	https://support.apple.com/kb/HT214063
	https://support.apple.com/kb/HT214059
	https://support.apple.com/kb/HT214061
	https://support.apple.com/kb/HT214055
	https://support.apple.com/kb/HT214056
	http://seclists.org/fulldisclosure/2024/Jan/27
	http://seclists.org/fulldisclosure/2024/Jan/33
	http://seclists.org/fulldisclosure/2024/Jan/36
	http://seclists.org/fulldisclosure/2024/Jan/34
	http://seclists.org/fulldisclosure/2024/Jan/39
	http://seclists.org/fulldisclosure/2024/Jan/40
	http://www.openwall.com/lists/oss-security/2024/02/05/8
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/

Impacted products

Vendor

Product

Version

▼

Apple

iOS and iPadOS

Version: unspecified < 17.3

Apple	iOS and iPadOS	Version: unspecified < 16.7
Apple	tvOS	Version: unspecified < 17.3
Apple	Safari	Version: unspecified < 17.3
Apple	watchOS	Version: unspecified < 10.3
Apple	macOS	Version: unspecified < 14.3

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-01T22:59:31.836Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214059",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214063",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214055",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214056",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214060",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214061",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214060",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214063",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214059",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214061",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214055",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT214056",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jan/27",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jan/33",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jan/36",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jan/34",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jan/39",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jan/40",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/02/05/8",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "16.7",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "tvOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Safari",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "watchOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "10.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "macOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "14.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Processing web content may lead to arbitrary code execution",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-12T09:06:04.045Z",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               url: "https://support.apple.com/en-us/HT214059",
            },
            {
               url: "https://support.apple.com/en-us/HT214063",
            },
            {
               url: "https://support.apple.com/en-us/HT214055",
            },
            {
               url: "https://support.apple.com/en-us/HT214056",
            },
            {
               url: "https://support.apple.com/en-us/HT214060",
            },
            {
               url: "https://support.apple.com/en-us/HT214061",
            },
            {
               url: "https://support.apple.com/kb/HT214060",
            },
            {
               url: "https://support.apple.com/kb/HT214063",
            },
            {
               url: "https://support.apple.com/kb/HT214059",
            },
            {
               url: "https://support.apple.com/kb/HT214061",
            },
            {
               url: "https://support.apple.com/kb/HT214055",
            },
            {
               url: "https://support.apple.com/kb/HT214056",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jan/27",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jan/33",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jan/36",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jan/34",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jan/39",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jan/40",
            },
            {
               url: "http://www.openwall.com/lists/oss-security/2024/02/05/8",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/",
            },
            {
               url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2024-23213",
      datePublished: "2024-01-23T00:25:24.505Z",
      dateReserved: "2024-01-12T22:22:21.477Z",
      dateUpdated: "2025-02-13T17:33:55.798Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-27808

Vulnerability from cvelistv5

Published

2024-06-10 20:56

Modified

2025-02-13 17:46

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.

References

▼	URL	Tags
	https://support.apple.com/en-us/HT214101
	https://support.apple.com/en-us/HT214106
	https://support.apple.com/en-us/HT214108
	https://support.apple.com/en-us/HT214104
	https://support.apple.com/en-us/HT214103
	https://support.apple.com/en-us/HT214102
	http://seclists.org/fulldisclosure/2024/Jun/5

Impacted products

Vendor

Product

Version

▼

Apple

iOS and iPadOS

Version: unspecified < 17.5

Apple	macOS	Version: unspecified < 14.5
Apple	visionOS	Version: unspecified < 1.2
Apple	watchOS	Version: unspecified < 10.5
Apple	Safari	Version: unspecified < 17.5
Apple	tvOS	Version: unspecified < 17.5

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:apple:visionos:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "visionos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "1.2",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "macos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "14.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:apple:watchos:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "watchos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "10.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "safari",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:tvos:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tvos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:iphone:*",
                  ],
                  defaultStatus: "unknown",
                  product: "iphone_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:ipad_os:-:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "ipad_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "HIGH",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 7.5,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-27808",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-13T00:00:00+00:00",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-786",
                        description: "CWE-786 Access of Memory Location Before Start of Buffer",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-14T03:56:07.417Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T00:41:55.063Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214101",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214106",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214108",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214104",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214103",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214102",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jun/5",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "macOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "14.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "visionOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "1.2",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "watchOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "10.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Safari",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "tvOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Processing web content may lead to arbitrary code execution",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-12T04:06:31.658Z",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               url: "https://support.apple.com/en-us/HT214101",
            },
            {
               url: "https://support.apple.com/en-us/HT214106",
            },
            {
               url: "https://support.apple.com/en-us/HT214108",
            },
            {
               url: "https://support.apple.com/en-us/HT214104",
            },
            {
               url: "https://support.apple.com/en-us/HT214103",
            },
            {
               url: "https://support.apple.com/en-us/HT214102",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jun/5",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2024-27808",
      datePublished: "2024-06-10T20:56:38.609Z",
      dateReserved: "2024-02-26T15:32:28.519Z",
      dateUpdated: "2025-02-13T17:46:40.618Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2024-27851

Vulnerability from cvelistv5

Published

2024-06-10 20:56

Modified

2025-02-13 17:47

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.

References

▼	URL	Tags
	https://support.apple.com/en-us/HT214101
	https://support.apple.com/en-us/HT214106
	https://support.apple.com/en-us/HT214108
	https://support.apple.com/en-us/HT214104
	https://support.apple.com/en-us/HT214103
	https://support.apple.com/en-us/HT214102
	http://seclists.org/fulldisclosure/2024/Jun/5

Impacted products

Vendor

Product

Version

▼

Apple

iOS and iPadOS

Version: unspecified < 17.5

Apple	macOS	Version: unspecified < 14.5
Apple	visionOS	Version: unspecified < 1.2
Apple	watchOS	Version: unspecified < 10.5
Apple	Safari	Version: unspecified < 17.5
Apple	tvOS	Version: unspecified < 17.5

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "iphone_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:mac_os:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "mac_os",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "14.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:apple:visionos:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "visionos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "1.2",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "watchos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "10.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "safari",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
               {
                  cpes: [
                     "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "tvos",
                  vendor: "apple",
                  versions: [
                     {
                        lessThan: "17.5",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "HIGH",
                     attackVector: "NETWORK",
                     availabilityImpact: "HIGH",
                     baseScore: 7.5,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "NONE",
                     scope: "UNCHANGED",
                     userInteraction: "REQUIRED",
                     vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-27851",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-06-14T00:00:00+00:00",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-119",
                        description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-15T03:55:31.726Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T00:41:55.657Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214101",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214106",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214108",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214104",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214103",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/en-us/HT214102",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Jun/5",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "iOS and iPadOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "macOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "14.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "visionOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "1.2",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "watchOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "10.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Safari",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "tvOS",
               vendor: "Apple",
               versions: [
                  {
                     lessThan: "17.5",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Processing maliciously crafted web content may lead to arbitrary code execution",
                     lang: "en",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-06-12T04:06:01.095Z",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               url: "https://support.apple.com/en-us/HT214101",
            },
            {
               url: "https://support.apple.com/en-us/HT214106",
            },
            {
               url: "https://support.apple.com/en-us/HT214108",
            },
            {
               url: "https://support.apple.com/en-us/HT214104",
            },
            {
               url: "https://support.apple.com/en-us/HT214103",
            },
            {
               url: "https://support.apple.com/en-us/HT214102",
            },
            {
               url: "http://seclists.org/fulldisclosure/2024/Jun/5",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2024-27851",
      datePublished: "2024-06-10T20:56:47.478Z",
      dateReserved: "2024-02-26T15:32:28.532Z",
      dateUpdated: "2025-02-13T17:47:05.396Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_suse

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature