CVE-2017-2475

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-2475

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-2475.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-2475

Related

USN-3257-1

Published

2017-04-02T01:59:03Z

Modified

2024-06-30T12:01:22Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site.

References

Affected packages

Debian:11 / webkit2gtk

Package

Name: webkit2gtk
Purl: pkg:deb/debian/webkit2gtk?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.14.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / webkit2gtk

Package

Name: webkit2gtk
Purl: pkg:deb/debian/webkit2gtk?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.14.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / webkit2gtk

Package

Name: webkit2gtk
Purl: pkg:deb/debian/webkit2gtk?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.14.6-1

Ecosystem specific

{
    "urgency": "unimportant"
}