VAR-202404-0121
Vulnerability from variot - Updated: 2025-07-01 21:18HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack.
Users are recommended to upgrade to version 2.4.59, which fixes this issue. ========================================================================== Ubuntu Security Notice USN-6729-2 April 17, 2024
apache2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in Apache HTTP Server.
Software Description: - apache2: Apache HTTP server
Details:
USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2023-38709)
Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2024-24795)
Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. This issue was addressed only in Ubuntu 18.04 LTS. (CVE-2024-27316)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS (Available with Ubuntu Pro): apache2 2.4.29-1ubuntu4.27+esm2
Ubuntu 16.04 LTS (Available with Ubuntu Pro): apache2 2.4.18-2ubuntu3.17+esm12
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6729-2 https://ubuntu.com/security/notices/USN-6729-1 CVE-2023-38709, CVE-2024-24795, CVE-2024-27316
.
For the oldstable distribution (bullseye), these problems have been fixed in version 2.4.59-1~deb11u1.
For the stable distribution (bookworm), these problems have been fixed in version 2.4.59-1~deb12u1.
We recommend that you upgrade your apache2 packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202409-31
https://security.gentoo.org/
Severity: Low Title: Apache HTTPD: Multiple Vulnerabilities Date: September 28, 2024 Bugs: #928540, #935296, #935427, #936257 ID: 202409-31
Synopsis
Multiple vulnerabilities have been found in Apache HTTPD, the worst of which could result in denial of service.
Affected packages
Package Vulnerable Unaffected
www-servers/apache < 2.4.62 >= 2.4.62
Description
Multiple vulnerabilities have been discovered in Apache HTTPD. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Apache HTTPD users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.62"
References
[ 1 ] CVE-2023-38709 https://nvd.nist.gov/vuln/detail/CVE-2023-38709 [ 2 ] CVE-2024-24795 https://nvd.nist.gov/vuln/detail/CVE-2024-24795 [ 3 ] CVE-2024-27316 https://nvd.nist.gov/vuln/detail/CVE-2024-27316 [ 4 ] CVE-2024-36387 https://nvd.nist.gov/vuln/detail/CVE-2024-36387 [ 5 ] CVE-2024-38472 https://nvd.nist.gov/vuln/detail/CVE-2024-38472 [ 6 ] CVE-2024-38473 https://nvd.nist.gov/vuln/detail/CVE-2024-38473 [ 7 ] CVE-2024-38474 https://nvd.nist.gov/vuln/detail/CVE-2024-38474 [ 8 ] CVE-2024-38475 https://nvd.nist.gov/vuln/detail/CVE-2024-38475 [ 9 ] CVE-2024-38476 https://nvd.nist.gov/vuln/detail/CVE-2024-38476 [ 10 ] CVE-2024-38477 https://nvd.nist.gov/vuln/detail/CVE-2024-38477 [ 11 ] CVE-2024-39573 https://nvd.nist.gov/vuln/detail/CVE-2024-39573 [ 12 ] CVE-2024-39884 https://nvd.nist.gov/vuln/detail/CVE-2024-39884 [ 13 ] CVE-2024-40725 https://nvd.nist.gov/vuln/detail/CVE-2024-40725 [ 14 ] CVE-2024-40898 https://nvd.nist.gov/vuln/detail/CVE-2024-40898
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202409-31
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-07-29-2024-4 macOS Sonoma 14.6
macOS Sonoma 14.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT214119.
Apple maintains a Security Releases page at https://support.apple.com/HT201222 which lists recent software updates with security advisories.
Accounts Available for: macOS Sonoma Impact: A malicious application may be able to access private information Description: The issue was addressed with improved checks. CVE-2024-40804: IES Red Team of ByteDance
apache Available for: macOS Sonoma Impact: Multiple issues in apache Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2023-38709: Yeto CVE-2024-24795: Yeto CVE-2024-27316: Yeto
APFS Available for: macOS Sonoma Impact: A malicious application may be able to bypass Privacy preferences Description: The issue was addressed with improved restriction of data container access. CVE-2024-40783: Csaba Fitzl (@theevilbit) of Kandji
AppleMobileFileIntegrity Available for: macOS Sonoma Impact: An app may be able to bypass Privacy preferences Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2024-40774: Mickey Jin (@patch1t) CVE-2024-40814: Mickey Jin (@patch1t)
AppleMobileFileIntegrity Available for: macOS Sonoma Impact: An app may be able to leak sensitive user information Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2024-40775: Mickey Jin (@patch1t)
AppleVA Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: The issue was addressed with improved memory handling. CVE-2024-27877: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative
ASP TCP Available for: macOS Sonoma Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed with improved memory handling. CVE-2024-27878: CertiK SkyFall Team
CoreGraphics Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-40799: D4m0n
CoreMedia Available for: macOS Sonoma Impact: Processing a maliciously crafted video file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-27873: Amir Bazine and Karsten König of CrowdStrike Counter Adversary Operations
curl Available for: macOS Sonoma Impact: Multiple issues in curl Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-2004 CVE-2024-2379 CVE-2024-2398 CVE-2024-2466
DesktopServices Available for: macOS Sonoma Impact: An app may be able to overwrite arbitrary files Description: The issue was addressed with improved checks. CVE-2024-40827: an anonymous researcher
dyld Available for: macOS Sonoma Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: A race condition was addressed with additional validation. CVE-2024-40815: w0wbox
Family Sharing Available for: macOS Sonoma Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved data protection. CVE-2024-40795: Csaba Fitzl (@theevilbit) of Kandji
ImageIO Available for: macOS Sonoma Impact: Processing an image may lead to a denial-of-service Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2023-6277 CVE-2023-52356
ImageIO Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-40806: Yisumi
ImageIO Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2024-40777: Junsung Lee working with Trend Micro Zero Day Initiative, and Amir Bazine and Karsten König of CrowdStrike Counter Adversary Operations
ImageIO Available for: macOS Sonoma Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An integer overflow was addressed with improved input validation. CVE-2024-40784: Junsung Lee working with Trend Micro Zero Day Initiative, Gandalf4a
Kernel Available for: macOS Sonoma Impact: A local attacker may be able to determine kernel memory layout Description: An information disclosure issue was addressed with improved private data redaction for log entries. CVE-2024-27863: CertiK SkyFall Team
Kernel Available for: macOS Sonoma Impact: A local attacker may be able to cause unexpected system shutdown Description: An out-of-bounds read was addressed with improved input validation. CVE-2024-40816: sqrtpwn
Kernel Available for: macOS Sonoma Impact: A local attacker may be able to cause unexpected system shutdown Description: A type confusion issue was addressed with improved memory handling. CVE-2024-40788: Minghao Lin and Jiaxun Zhu from Zhejiang University
Keychain Access Available for: macOS Sonoma Impact: An attacker may be able to cause unexpected app termination Description: A type confusion issue was addressed with improved checks. CVE-2024-40803: Patrick Wardle of DoubleYou & the Objective-See Foundation
libxpc Available for: macOS Sonoma Impact: An app may be able to bypass Privacy preferences Description: A permissions issue was addressed with additional restrictions. CVE-2024-40805
Messages Available for: macOS Sonoma Impact: An app may be able to view a contact's phone number in system logs Description: The issue was addressed with improved checks. CVE-2024-40832: Rodolphe BRUNETTI (@eisw0lf)
NetworkExtension Available for: macOS Sonoma Impact: Private browsing may leak some browsing history Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-40796: Adam M.
OpenSSH Available for: macOS Sonoma Impact: A remote attacker may be able to cause arbitrary code execution Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-6387
PackageKit Available for: macOS Sonoma Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved checks. CVE-2024-40781: Mickey Jin (@patch1t) CVE-2024-40802: Mickey Jin (@patch1t)
PackageKit Available for: macOS Sonoma Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks. CVE-2024-40823: Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong
PackageKit Available for: macOS Sonoma Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions. CVE-2024-27882: Mickey Jin (@patch1t) CVE-2024-27883: Mickey Jin (@patch1t), and Csaba Fitzl (@theevilbit) of Kandji
Photos Storage Available for: macOS Sonoma Impact: Photos in the Hidden Photos Album may be viewed without authentication Description: An authentication issue was addressed with improved state management. CVE-2024-40778: Mateen Alinaghi
Restore Framework Available for: macOS Sonoma Impact: An app may be able to modify protected parts of the file system Description: An input validation issue was addressed with improved input validation. CVE-2024-40800: Claudio Bozzato and Francesco Benvenuto of Cisco Talos
Safari Available for: macOS Sonoma Impact: An app may bypass Gatekeeper checks Description: A race condition was addressed with improved locking. CVE-2023-27952: Csaba Fitzl (@theevilbit) of Offensive Security
Safari Available for: macOS Sonoma Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. CVE-2024-40817: Yadhu Krishna M and Narendra Bhati, Manager of Cyber Security At Suma Soft Pvt. Ltd, Pune (India)
Sandbox Available for: macOS Sonoma Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed through improved state management. CVE-2024-40824: Wojciech Regula of SecuRing (wojciechregula.blog), and Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong
Sandbox Available for: macOS Sonoma Impact: An app may be able to access protected user data Description: A path handling issue was addressed with improved validation. CVE-2024-27871: Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Kandji, and Zhongquan Li (@Guluisacat) of Dawn Security Lab of JingDong
Scripting Bridge Available for: macOS Sonoma Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-27881: Kirin (@Pwnrin)
Security Available for: macOS Sonoma Impact: Third party app extensions may not receive the correct sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. CVE-2024-40821: Joshua Jones
Security Available for: macOS Sonoma Impact: An app may be able to read Safari's browsing history Description: This issue was addressed with improved redaction of sensitive information. CVE-2024-40798: Adam M.
Security Initialization Available for: macOS Sonoma Impact: An app may be able to access protected user data Description: This issue was addressed with improved validation of symlinks. CVE-2024-27872: Zhongquan Li (@Guluisacat) of Dawn Security Lab of JingDong
Setup Assistant Available for: macOS Sonoma Impact: Enabling Lockdown Mode while setting up a Mac may cause FileVault to become unexpectedly disabled Description: A logic issue was addressed with improved state management. CVE-2024-27862: Jiwon Park
Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks. CVE-2024-40833: an anonymous researcher CVE-2024-40835: an anonymous researcher CVE-2024-40836: an anonymous researcher CVE-2024-40807: an anonymous researcher
Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to bypass sensitive Shortcuts app settings Description: This issue was addressed by adding an additional prompt for user consent. CVE-2024-40834: Marcio Almeida from Tanto Security
Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to bypass Internet permission requirements Description: A logic issue was addressed with improved checks. CVE-2024-40809: an anonymous researcher CVE-2024-40812: an anonymous researcher
Shortcuts Available for: macOS Sonoma Impact: A shortcut may be able to bypass Internet permission requirements Description: This issue was addressed by adding an additional prompt for user consent. CVE-2024-40787: an anonymous researcher
Shortcuts Available for: macOS Sonoma Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code. CVE-2024-40793: Kirin (@Pwnrin)
Siri Available for: macOS Sonoma Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed by restricting options offered on a locked device. CVE-2024-40818: Bistrit Dahal and Srijan Poudel
Siri Available for: macOS Sonoma Impact: An attacker with physical access to a device may be able to access contacts from the lock screen Description: This issue was addressed by restricting options offered on a locked device. CVE-2024-40822: Srijan Poudel
StorageKit Available for: macOS Sonoma Impact: A malicious app may be able to gain root privileges Description: The issue was addressed with improved checks. CVE-2024-40828: Mickey Jin (@patch1t)
sudo Available for: macOS Sonoma Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks. CVE-2024-40811: Arsenii Kostromin (0x3c3e)
WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: A use-after-free issue was addressed with improved memory management. WebKit Bugzilla: 273176 CVE-2024-40776: Huang Xilin of Ant Group Light-Year Security Lab WebKit Bugzilla: 268770 CVE-2024-40782: Maksymilian Motyl
WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds read was addressed with improved bounds checking. WebKit Bugzilla: 275431 CVE-2024-40779: Huang Xilin of Ant Group Light-Year Security Lab WebKit Bugzilla: 275273 CVE-2024-40780: Huang Xilin of Ant Group Light-Year Security Lab
WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: This issue was addressed with improved checks. WebKit Bugzilla: 273805 CVE-2024-40785: Johan Carlsson (joaxcar)
WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2024-40789: Seunghyun Lee (@0x10n) of KAIST Hacking Lab working with Trend Micro Zero Day Initiative
WebKit Available for: macOS Sonoma Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. WebKit Bugzilla: 274165 CVE-2024-4558
WebKit Available for: macOS Sonoma Impact: Private Browsing tabs may be accessed without authentication Description: This issue was addressed through improved state management. WebKit Bugzilla: 275272 CVE-2024-40794: Matthew Butler
Additional recognition
AirDrop We would like to acknowledge Linwz of DEVCORE for their assistance.
DiskArbitration We would like to acknowledge Yann GASCUEL of Alter Solutions for their assistance.
Image Capture We would like to acknowledge an anonymous researcher for their assistance.
Shortcuts We would like to acknowledge an anonymous researcher for their assistance.
WebKit We would like to acknowledge an anonymous researcher for their assistance.
macOS Sonoma 14.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Releases web site: https://support.apple.com/HT201222.
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmaoH5kACgkQX+5d1TXa IvoS9g/9FoLSV93tVrIOZIM4w/BEZRFu/T1DfMPzOsZsOrvaQicKq7ezW+pRrMXI G0QBIz1QGCYZikcbyQOpgzl9Rk7ckfq+mMCn1ESWku1DbR6MOU7lZEpWRsjYStQY ra6BRT45GPtGG0YFyQXGnxMoS5IXopV5tmgQ4M4585xXso4/Dw192Vq/68NPIB2V ywa6fCo6VC7/hHMe0v5GFVJzmSymEYF3b0CNHZVFx1K793hHrYjH1Dj4NcRlqyln Kp3IrABhPPW8l67gS6f8RicZwzWOH3Ubwv4kivlTtDusqeX+/7mlXrvGTYd5G39P 70jSwUeekfYkQYGT5yLjFCOTM98ApG4iHnryEkpNldMk9JRozoN3VT5PDv6b7EtR YsG1UiZNn0rq1TurFHdsX7G8LZX1jBe1XNy883FeuPlXuPQwGcds+Q5UpiGoM5Kj xx0SGiaK4Lg9tOsGDvHDvrtgl9vIGYy07953Gre+xUhdNs+AnG8KhwKs+n3WYjcL lH3ffMkq/NTVohaNaIcNk4YQ7Y5+y9Y0Z2YuYTmaOipxMNEpOnvJj6LB1H5Qgj4M LIuUxs1gl2b7B93J95w8FmdFewvUCgcZwTxU2ltsYAcZHnRwWE0twYP5v1Pc8tOG MZuvS0pTI+hgve1viS0inOnRpoYv+KzkaSYEhvsS16NgDuRUOqE= =eOPj -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202404-0121",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "38"
},
{
"model": "ontap tools",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": "10"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.59"
},
{
"model": "fabric operating system",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "40"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "14.6"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "39"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.0"
},
{
"model": "ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": "9"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2024-24795"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "178035"
},
{
"db": "PACKETSTORM",
"id": "178131"
},
{
"db": "PACKETSTORM",
"id": "178298"
}
],
"trust": 0.3
},
"cve": "CVE-2024-24795",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2024-24795",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-24795",
"trust": 1.0,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2024-24795"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. \n\nUsers are recommended to upgrade to version 2.4.59, which fixes this issue. ==========================================================================\nUbuntu Security Notice USN-6729-2\nApril 17, 2024\n\napache2 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in Apache HTTP Server. \n\nSoftware Description:\n- apache2: Apache HTTP server\n\nDetails:\n\nUSN-6729-1 fixed several vulnerabilities in Apache. This update provides\nthe corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. \n\nOriginal advisory details:\n\n Orange Tsai discovered that the Apache HTTP Server incorrectly handled\n validating certain input. A remote attacker could possibly use this\n issue to perform HTTP request splitting attacks. (CVE-2023-38709)\n\n Keran Mu and Jianjun Chen discovered that the Apache HTTP Server\n incorrectly handled validating certain input. A remote attacker could\n possibly use this issue to perform HTTP request splitting attacks. \n (CVE-2024-24795)\n\n Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module\n incorrectly handled endless continuation frames. A remote attacker could\n possibly use this issue to cause the server to consume resources, leading\n to a denial of service. This issue was addressed only in Ubuntu 18.04 LTS. \n (CVE-2024-27316)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n apache2 2.4.29-1ubuntu4.27+esm2\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n apache2 2.4.18-2ubuntu3.17+esm12\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6729-2\n https://ubuntu.com/security/notices/USN-6729-1\n CVE-2023-38709, CVE-2024-24795, CVE-2024-27316\n\n. \n\nFor the oldstable distribution (bullseye), these problems have been fixed\nin version 2.4.59-1~deb11u1. \n\nFor the stable distribution (bookworm), these problems have been fixed in\nversion 2.4.59-1~deb12u1. \n\nWe recommend that you upgrade your apache2 packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202409-31\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: Apache HTTPD: Multiple Vulnerabilities\n Date: September 28, 2024\n Bugs: #928540, #935296, #935427, #936257\n ID: 202409-31\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Apache HTTPD, the worst of\nwhich could result in denial of service. \n\nAffected packages\n=================\n\nPackage Vulnerable Unaffected\n------------------ ------------ ------------\nwww-servers/apache \u003c 2.4.62 \u003e= 2.4.62\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Apache HTTPD. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache HTTPD users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.4.62\"\n\nReferences\n==========\n\n[ 1 ] CVE-2023-38709\n https://nvd.nist.gov/vuln/detail/CVE-2023-38709\n[ 2 ] CVE-2024-24795\n https://nvd.nist.gov/vuln/detail/CVE-2024-24795\n[ 3 ] CVE-2024-27316\n https://nvd.nist.gov/vuln/detail/CVE-2024-27316\n[ 4 ] CVE-2024-36387\n https://nvd.nist.gov/vuln/detail/CVE-2024-36387\n[ 5 ] CVE-2024-38472\n https://nvd.nist.gov/vuln/detail/CVE-2024-38472\n[ 6 ] CVE-2024-38473\n https://nvd.nist.gov/vuln/detail/CVE-2024-38473\n[ 7 ] CVE-2024-38474\n https://nvd.nist.gov/vuln/detail/CVE-2024-38474\n[ 8 ] CVE-2024-38475\n https://nvd.nist.gov/vuln/detail/CVE-2024-38475\n[ 9 ] CVE-2024-38476\n https://nvd.nist.gov/vuln/detail/CVE-2024-38476\n[ 10 ] CVE-2024-38477\n https://nvd.nist.gov/vuln/detail/CVE-2024-38477\n[ 11 ] CVE-2024-39573\n https://nvd.nist.gov/vuln/detail/CVE-2024-39573\n[ 12 ] CVE-2024-39884\n https://nvd.nist.gov/vuln/detail/CVE-2024-39884\n[ 13 ] CVE-2024-40725\n https://nvd.nist.gov/vuln/detail/CVE-2024-40725\n[ 14 ] CVE-2024-40898\n https://nvd.nist.gov/vuln/detail/CVE-2024-40898\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202409-31\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2024 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-07-29-2024-4 macOS Sonoma 14.6\n\nmacOS Sonoma 14.6 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT214119. \n\nApple maintains a Security Releases page at\nhttps://support.apple.com/HT201222 which lists recent\nsoftware updates with security advisories. \n\nAccounts\nAvailable for: macOS Sonoma\nImpact: A malicious application may be able to access private\ninformation\nDescription: The issue was addressed with improved checks. \nCVE-2024-40804: IES Red Team of ByteDance\n\napache\nAvailable for: macOS Sonoma\nImpact: Multiple issues in apache\nDescription: This is a vulnerability in open source code and Apple\nSoftware is among the affected projects. The CVE-ID was assigned by a\nthird party. Learn more about the issue and CVE-ID at cve.org. \nCVE-2023-38709: Yeto\nCVE-2024-24795: Yeto\nCVE-2024-27316: Yeto\n\nAPFS\nAvailable for: macOS Sonoma\nImpact: A malicious application may be able to bypass Privacy\npreferences\nDescription: The issue was addressed with improved restriction of data\ncontainer access. \nCVE-2024-40783: Csaba Fitzl (@theevilbit) of Kandji\n\nAppleMobileFileIntegrity\nAvailable for: macOS Sonoma\nImpact: An app may be able to bypass Privacy preferences\nDescription: A downgrade issue was addressed with additional code-\nsigning restrictions. \nCVE-2024-40774: Mickey Jin (@patch1t)\nCVE-2024-40814: Mickey Jin (@patch1t)\n\nAppleMobileFileIntegrity\nAvailable for: macOS Sonoma\nImpact: An app may be able to leak sensitive user information\nDescription: A downgrade issue was addressed with additional code-\nsigning restrictions. \nCVE-2024-40775: Mickey Jin (@patch1t)\n\nAppleVA\nAvailable for: macOS Sonoma\nImpact: Processing a maliciously crafted file may lead to unexpected app\ntermination\nDescription: The issue was addressed with improved memory handling. \nCVE-2024-27877: Michael DePlante (@izobashi) of Trend Micro Zero Day\nInitiative\n\nASP TCP\nAvailable for: macOS Sonoma\nImpact: An app with root privileges may be able to execute arbitrary\ncode with kernel privileges\nDescription: A buffer overflow issue was addressed with improved memory\nhandling. \nCVE-2024-27878: CertiK SkyFall Team\n\nCoreGraphics\nAvailable for: macOS Sonoma\nImpact: Processing a maliciously crafted file may lead to unexpected app\ntermination\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2024-40799: D4m0n\n\nCoreMedia\nAvailable for: macOS Sonoma\nImpact: Processing a maliciously crafted video file may lead to\nunexpected app termination\nDescription: An out-of-bounds write issue was addressed with improved\ninput validation. \nCVE-2024-27873: Amir Bazine and Karsten K\u00f6nig of CrowdStrike Counter\nAdversary Operations\n\ncurl\nAvailable for: macOS Sonoma\nImpact: Multiple issues in curl\nDescription: This is a vulnerability in open source code and Apple\nSoftware is among the affected projects. The CVE-ID was assigned by a\nthird party. Learn more about the issue and CVE-ID at cve.org. \nCVE-2024-2004\nCVE-2024-2379\nCVE-2024-2398\nCVE-2024-2466\n\nDesktopServices\nAvailable for: macOS Sonoma\nImpact: An app may be able to overwrite arbitrary files\nDescription: The issue was addressed with improved checks. \nCVE-2024-40827: an anonymous researcher\n\ndyld\nAvailable for: macOS Sonoma\nImpact: A malicious attacker with arbitrary read and write capability\nmay be able to bypass Pointer Authentication\nDescription: A race condition was addressed with additional validation. \nCVE-2024-40815: w0wbox\n\nFamily Sharing\nAvailable for: macOS Sonoma\nImpact: An app may be able to read sensitive location information\nDescription: This issue was addressed with improved data protection. \nCVE-2024-40795: Csaba Fitzl (@theevilbit) of Kandji\n\nImageIO\nAvailable for: macOS Sonoma\nImpact: Processing an image may lead to a denial-of-service\nDescription: This is a vulnerability in open source code and Apple\nSoftware is among the affected projects. The CVE-ID was assigned by a\nthird party. Learn more about the issue and CVE-ID at cve.org. \nCVE-2023-6277\nCVE-2023-52356\n\nImageIO\nAvailable for: macOS Sonoma\nImpact: Processing a maliciously crafted file may lead to unexpected app\ntermination\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2024-40806: Yisumi\n\nImageIO\nAvailable for: macOS Sonoma\nImpact: Processing a maliciously crafted file may lead to unexpected app\ntermination\nDescription: An out-of-bounds access issue was addressed with improved\nbounds checking. \nCVE-2024-40777: Junsung Lee working with Trend Micro Zero Day\nInitiative, and Amir Bazine and Karsten K\u00f6nig of CrowdStrike Counter\nAdversary Operations\n\nImageIO\nAvailable for: macOS Sonoma\nImpact: Processing a maliciously crafted file may lead to unexpected app\ntermination\nDescription: An integer overflow was addressed with improved input\nvalidation. \nCVE-2024-40784: Junsung Lee working with Trend Micro Zero Day\nInitiative, Gandalf4a\n\nKernel\nAvailable for: macOS Sonoma\nImpact: A local attacker may be able to determine kernel memory layout\nDescription: An information disclosure issue was addressed with improved\nprivate data redaction for log entries. \nCVE-2024-27863: CertiK SkyFall Team\n\nKernel\nAvailable for: macOS Sonoma\nImpact: A local attacker may be able to cause unexpected system shutdown\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2024-40816: sqrtpwn\n\nKernel\nAvailable for: macOS Sonoma\nImpact: A local attacker may be able to cause unexpected system shutdown\nDescription: A type confusion issue was addressed with improved memory\nhandling. \nCVE-2024-40788: Minghao Lin and Jiaxun Zhu from Zhejiang University\n\nKeychain Access\nAvailable for: macOS Sonoma\nImpact: An attacker may be able to cause unexpected app termination\nDescription: A type confusion issue was addressed with improved checks. \nCVE-2024-40803: Patrick Wardle of DoubleYou \u0026 the Objective-See\nFoundation\n\nlibxpc\nAvailable for: macOS Sonoma\nImpact: An app may be able to bypass Privacy preferences\nDescription: A permissions issue was addressed with additional\nrestrictions. \nCVE-2024-40805\n\nMessages\nAvailable for: macOS Sonoma\nImpact: An app may be able to view a contact\u0027s phone number in system\nlogs\nDescription: The issue was addressed with improved checks. \nCVE-2024-40832: Rodolphe BRUNETTI (@eisw0lf)\n\nNetworkExtension\nAvailable for: macOS Sonoma\nImpact: Private browsing may leak some browsing history\nDescription: A privacy issue was addressed with improved private data\nredaction for log entries. \nCVE-2024-40796: Adam M. \n\nOpenSSH\nAvailable for: macOS Sonoma\nImpact: A remote attacker may be able to cause arbitrary code execution\nDescription: This is a vulnerability in open source code and Apple\nSoftware is among the affected projects. The CVE-ID was assigned by a\nthird party. Learn more about the issue and CVE-ID at cve.org. \nCVE-2024-6387\n\nPackageKit\nAvailable for: macOS Sonoma\nImpact: A local attacker may be able to elevate their privileges\nDescription: The issue was addressed with improved checks. \nCVE-2024-40781: Mickey Jin (@patch1t)\nCVE-2024-40802: Mickey Jin (@patch1t)\n\nPackageKit\nAvailable for: macOS Sonoma\nImpact: An app may be able to access user-sensitive data\nDescription: The issue was addressed with improved checks. \nCVE-2024-40823: Zhongquan Li (@Guluisacat) from Dawn Security Lab of\nJingDong\n\nPackageKit\nAvailable for: macOS Sonoma\nImpact: An app may be able to modify protected parts of the file system\nDescription: A permissions issue was addressed with additional\nrestrictions. \nCVE-2024-27882: Mickey Jin (@patch1t)\nCVE-2024-27883: Mickey Jin (@patch1t), and Csaba Fitzl (@theevilbit) of\nKandji\n\nPhotos Storage\nAvailable for: macOS Sonoma\nImpact: Photos in the Hidden Photos Album may be viewed without\nauthentication\nDescription: An authentication issue was addressed with improved state\nmanagement. \nCVE-2024-40778: Mateen Alinaghi\n\nRestore Framework\nAvailable for: macOS Sonoma\nImpact: An app may be able to modify protected parts of the file system\nDescription: An input validation issue was addressed with improved input\nvalidation. \nCVE-2024-40800: Claudio Bozzato and Francesco Benvenuto of Cisco Talos\n\nSafari\nAvailable for: macOS Sonoma\nImpact: An app may bypass Gatekeeper checks\nDescription: A race condition was addressed with improved locking. \nCVE-2023-27952: Csaba Fitzl (@theevilbit) of Offensive Security\n\nSafari\nAvailable for: macOS Sonoma\nImpact: Visiting a website that frames malicious content may lead to UI\nspoofing\nDescription: The issue was addressed with improved UI handling. \nCVE-2024-40817: Yadhu Krishna M and Narendra Bhati, Manager of Cyber\nSecurity At Suma Soft Pvt. Ltd, Pune (India)\n\nSandbox\nAvailable for: macOS Sonoma\nImpact: An app may be able to bypass Privacy preferences\nDescription: This issue was addressed through improved state management. \nCVE-2024-40824: Wojciech Regula of SecuRing (wojciechregula.blog), and\nZhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong\n\nSandbox\nAvailable for: macOS Sonoma\nImpact: An app may be able to access protected user data\nDescription: A path handling issue was addressed with improved\nvalidation. \nCVE-2024-27871: Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of\nKandji, and Zhongquan Li (@Guluisacat) of Dawn Security Lab of JingDong\n\nScripting Bridge\nAvailable for: macOS Sonoma\nImpact: An app may be able to access information about a user\u2019s contacts\nDescription: A privacy issue was addressed with improved private data\nredaction for log entries. \nCVE-2024-27881: Kirin (@Pwnrin)\n\nSecurity\nAvailable for: macOS Sonoma\nImpact: Third party app extensions may not receive the correct sandbox\nrestrictions\nDescription: An access issue was addressed with additional sandbox\nrestrictions. \nCVE-2024-40821: Joshua Jones\n\nSecurity\nAvailable for: macOS Sonoma\nImpact: An app may be able to read Safari\u0027s browsing history\nDescription: This issue was addressed with improved redaction of\nsensitive information. \nCVE-2024-40798: Adam M. \n\nSecurity Initialization\nAvailable for: macOS Sonoma\nImpact: An app may be able to access protected user data\nDescription: This issue was addressed with improved validation of\nsymlinks. \nCVE-2024-27872: Zhongquan Li (@Guluisacat) of Dawn Security Lab of\nJingDong\n\nSetup Assistant\nAvailable for: macOS Sonoma\nImpact: Enabling Lockdown Mode while setting up a Mac may cause\nFileVault to become unexpectedly disabled\nDescription: A logic issue was addressed with improved state management. \nCVE-2024-27862: Jiwon Park\n\nShortcuts\nAvailable for: macOS Sonoma\nImpact: A shortcut may be able to use sensitive data with certain\nactions without prompting the user\nDescription: A logic issue was addressed with improved checks. \nCVE-2024-40833: an anonymous researcher\nCVE-2024-40835: an anonymous researcher\nCVE-2024-40836: an anonymous researcher\nCVE-2024-40807: an anonymous researcher\n\nShortcuts\nAvailable for: macOS Sonoma\nImpact: A shortcut may be able to bypass sensitive Shortcuts app\nsettings\nDescription: This issue was addressed by adding an additional prompt for\nuser consent. \nCVE-2024-40834: Marcio Almeida from Tanto Security\n\nShortcuts\nAvailable for: macOS Sonoma\nImpact: A shortcut may be able to bypass Internet permission\nrequirements\nDescription: A logic issue was addressed with improved checks. \nCVE-2024-40809: an anonymous researcher\nCVE-2024-40812: an anonymous researcher\n\nShortcuts\nAvailable for: macOS Sonoma\nImpact: A shortcut may be able to bypass Internet permission\nrequirements\nDescription: This issue was addressed by adding an additional prompt for\nuser consent. \nCVE-2024-40787: an anonymous researcher\n\nShortcuts\nAvailable for: macOS Sonoma\nImpact: An app may be able to access user-sensitive data\nDescription: This issue was addressed by removing the vulnerable code. \nCVE-2024-40793: Kirin (@Pwnrin)\n\nSiri\nAvailable for: macOS Sonoma\nImpact: An attacker with physical access may be able to use Siri to\naccess sensitive user data\nDescription: This issue was addressed by restricting options offered on\na locked device. \nCVE-2024-40818: Bistrit Dahal and Srijan Poudel\n\nSiri\nAvailable for: macOS Sonoma\nImpact: An attacker with physical access to a device may be able to\naccess contacts from the lock screen\nDescription: This issue was addressed by restricting options offered on\na locked device. \nCVE-2024-40822: Srijan Poudel\n\nStorageKit\nAvailable for: macOS Sonoma\nImpact: A malicious app may be able to gain root privileges\nDescription: The issue was addressed with improved checks. \nCVE-2024-40828: Mickey Jin (@patch1t)\n\nsudo\nAvailable for: macOS Sonoma\nImpact: An app may be able to modify protected parts of the file system\nDescription: The issue was addressed with improved checks. \nCVE-2024-40811: Arsenii Kostromin (0x3c3e)\n\nWebKit\nAvailable for: macOS Sonoma\nImpact: Processing maliciously crafted web content may lead to an\nunexpected process crash\nDescription: A use-after-free issue was addressed with improved memory\nmanagement. \nWebKit Bugzilla: 273176\nCVE-2024-40776: Huang Xilin of Ant Group Light-Year Security Lab\nWebKit Bugzilla: 268770\nCVE-2024-40782: Maksymilian Motyl\n\nWebKit\nAvailable for: macOS Sonoma\nImpact: Processing maliciously crafted web content may lead to an\nunexpected process crash\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nWebKit Bugzilla: 275431\nCVE-2024-40779: Huang Xilin of Ant Group Light-Year Security Lab\nWebKit Bugzilla: 275273\nCVE-2024-40780: Huang Xilin of Ant Group Light-Year Security Lab\n\nWebKit\nAvailable for: macOS Sonoma\nImpact: Processing maliciously crafted web content may lead to a cross\nsite scripting attack\nDescription: This issue was addressed with improved checks. \nWebKit Bugzilla: 273805\nCVE-2024-40785: Johan Carlsson (joaxcar)\n\nWebKit\nAvailable for: macOS Sonoma\nImpact: Processing maliciously crafted web content may lead to an\nunexpected process crash\nDescription: An out-of-bounds access issue was addressed with improved\nbounds checking. \nCVE-2024-40789: Seunghyun Lee (@0x10n) of KAIST Hacking Lab working with\nTrend Micro Zero Day Initiative\n\nWebKit\nAvailable for: macOS Sonoma\nImpact: Processing maliciously crafted web content may lead to an\nunexpected process crash\nDescription: This is a vulnerability in open source code and Apple\nSoftware is among the affected projects. The CVE-ID was assigned by a\nthird party. Learn more about the issue and CVE-ID at cve.org. \nWebKit Bugzilla: 274165\nCVE-2024-4558\n\nWebKit\nAvailable for: macOS Sonoma\nImpact: Private Browsing tabs may be accessed without authentication\nDescription: This issue was addressed through improved state management. \nWebKit Bugzilla: 275272\nCVE-2024-40794: Matthew Butler\n\nAdditional recognition\n\nAirDrop\nWe would like to acknowledge Linwz of DEVCORE for their assistance. \n\nDiskArbitration\nWe would like to acknowledge Yann GASCUEL of Alter Solutions for their\nassistance. \n\nImage Capture\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nShortcuts\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nWebKit\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nmacOS Sonoma 14.6 may be obtained from the Mac App Store or Apple\u0027s\nSoftware Downloads web site: https://support.apple.com/downloads/\nAll information is also posted on the Apple Security Releases\nweb site: https://support.apple.com/HT201222. \n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmaoH5kACgkQX+5d1TXa\nIvoS9g/9FoLSV93tVrIOZIM4w/BEZRFu/T1DfMPzOsZsOrvaQicKq7ezW+pRrMXI\nG0QBIz1QGCYZikcbyQOpgzl9Rk7ckfq+mMCn1ESWku1DbR6MOU7lZEpWRsjYStQY\nra6BRT45GPtGG0YFyQXGnxMoS5IXopV5tmgQ4M4585xXso4/Dw192Vq/68NPIB2V\nywa6fCo6VC7/hHMe0v5GFVJzmSymEYF3b0CNHZVFx1K793hHrYjH1Dj4NcRlqyln\nKp3IrABhPPW8l67gS6f8RicZwzWOH3Ubwv4kivlTtDusqeX+/7mlXrvGTYd5G39P\n70jSwUeekfYkQYGT5yLjFCOTM98ApG4iHnryEkpNldMk9JRozoN3VT5PDv6b7EtR\nYsG1UiZNn0rq1TurFHdsX7G8LZX1jBe1XNy883FeuPlXuPQwGcds+Q5UpiGoM5Kj\nxx0SGiaK4Lg9tOsGDvHDvrtgl9vIGYy07953Gre+xUhdNs+AnG8KhwKs+n3WYjcL\nlH3ffMkq/NTVohaNaIcNk4YQ7Y5+y9Y0Z2YuYTmaOipxMNEpOnvJj6LB1H5Qgj4M\nLIuUxs1gl2b7B93J95w8FmdFewvUCgcZwTxU2ltsYAcZHnRwWE0twYP5v1Pc8tOG\nMZuvS0pTI+hgve1viS0inOnRpoYv+KzkaSYEhvsS16NgDuRUOqE=\n=eOPj\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-24795"
},
{
"db": "PACKETSTORM",
"id": "178035"
},
{
"db": "PACKETSTORM",
"id": "178131"
},
{
"db": "PACKETSTORM",
"id": "178096"
},
{
"db": "PACKETSTORM",
"id": "178298"
},
{
"db": "PACKETSTORM",
"id": "181910"
},
{
"db": "PACKETSTORM",
"id": "179789"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-24795",
"trust": 1.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2024/04/04/5",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "178035",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "178131",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "178096",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "178298",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "181910",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "179789",
"trust": 0.1
}
],
"sources": [
{
"db": "PACKETSTORM",
"id": "178035"
},
{
"db": "PACKETSTORM",
"id": "178131"
},
{
"db": "PACKETSTORM",
"id": "178096"
},
{
"db": "PACKETSTORM",
"id": "178298"
},
{
"db": "PACKETSTORM",
"id": "181910"
},
{
"db": "PACKETSTORM",
"id": "179789"
},
{
"db": "NVD",
"id": "CVE-2024-24795"
}
]
},
"id": "VAR-202404-0121",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.625
},
"last_update_date": "2025-07-01T21:18:45.102000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-113",
"trust": 1.0
},
{
"problemtype": "CWE-444",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2024-24795"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wnv4szapvs43dzwnfu7xbyyozezmi4zc/"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2024/jul/18"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00014.html"
},
{
"trust": 1.0,
"url": "http://www.openwall.com/lists/oss-security/2024/04/04/5"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20240415-0013/"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"
},
{
"trust": 1.0,
"url": "https://support.apple.com/kb/ht214119"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lx5u34kygdyprh3aj6mddcbjdwdpxnvj/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/i2n2nzex3mr64iwsgl3qgn7ksrugaemf/"
},
{
"trust": 1.0,
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-27316"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-24795"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-38709"
},
{
"trust": 0.3,
"url": "https://ubuntu.com/security/notices/usn-6729-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.52-1ubuntu4.9"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.41-4ubuntu3.17"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.57-2ubuntu2.4"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6729-2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-43622"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-45802"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/apache2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-31122"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6729-3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.58-1ubuntu8.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-36387"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-38474"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-38476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-39573"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-38473"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-39884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-38475"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/glsa/202409-31"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-38472"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-40898"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-40725"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-38477"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-27872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27952"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-2004"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht201222."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-52356"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-27863"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-2466"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-2379"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-27871"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-6277"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-2398"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-27862"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht214119."
},
{
"trust": 0.1,
"url": "https://support.apple.com/downloads/"
}
],
"sources": [
{
"db": "PACKETSTORM",
"id": "178035"
},
{
"db": "PACKETSTORM",
"id": "178131"
},
{
"db": "PACKETSTORM",
"id": "178096"
},
{
"db": "PACKETSTORM",
"id": "178298"
},
{
"db": "PACKETSTORM",
"id": "181910"
},
{
"db": "PACKETSTORM",
"id": "179789"
},
{
"db": "NVD",
"id": "CVE-2024-24795"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "PACKETSTORM",
"id": "178035"
},
{
"db": "PACKETSTORM",
"id": "178131"
},
{
"db": "PACKETSTORM",
"id": "178096"
},
{
"db": "PACKETSTORM",
"id": "178298"
},
{
"db": "PACKETSTORM",
"id": "181910"
},
{
"db": "PACKETSTORM",
"id": "179789"
},
{
"db": "NVD",
"id": "CVE-2024-24795"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-04-12T14:46:14",
"db": "PACKETSTORM",
"id": "178035"
},
{
"date": "2024-04-18T15:28:17",
"db": "PACKETSTORM",
"id": "178131"
},
{
"date": "2024-04-17T15:49:51",
"db": "PACKETSTORM",
"id": "178096"
},
{
"date": "2024-04-29T14:47:52",
"db": "PACKETSTORM",
"id": "178298"
},
{
"date": "2024-09-30T14:35:24",
"db": "PACKETSTORM",
"id": "181910"
},
{
"date": "2024-07-30T12:21:31",
"db": "PACKETSTORM",
"id": "179789"
},
{
"date": "2024-04-04T20:15:08.663000",
"db": "NVD",
"id": "CVE-2024-24795"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-06-30T12:55:47.280000",
"db": "NVD",
"id": "CVE-2024-24795"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "178035"
},
{
"db": "PACKETSTORM",
"id": "178131"
},
{
"db": "PACKETSTORM",
"id": "178298"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu Security Notice USN-6729-1",
"sources": [
{
"db": "PACKETSTORM",
"id": "178035"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "overflow, spoof, code execution",
"sources": [
{
"db": "PACKETSTORM",
"id": "179789"
}
],
"trust": 0.1
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.