DEBIAN-CVE-2023-35074

Advisory lineage Upstream: 1 Downstream: 1
Upstream
CVE-2023-35074
Downstream
DSA-5396-1
Published: 27 Sept 2023, 15:18
Last modified:17 Mar 2026, 02:43

Vulnerability Summary

Overall Risk (default)
medium
35/100
CVSS Score
8.8 HIGH
3.1 (osv_debian)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

27 Sept 2023, 15:18
Published
Vulnerability first disclosed
17 Mar 2026, 02:43
Last Modified
Vulnerability information updated

Description

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.

CVSS Metrics

  • v3.1HIGHScore: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Systems

  • debianwebkit2gtk

    < 2.40.1-1~deb11u1 | < 2.40.0-1 | < 2.40.0-1 | < 2.40.0-1

  • debianwpewebkit

    all | all | < 2.40.2-2 | < 2.40.2-2

References (1)