{
  "threat_severity" : "Moderate",
  "public_date" : "2024-09-25T00:00:00Z",
  "bugzilla" : {
    "description" : "webkitgtk: A maliciously crafted webpage may be able to fingerprint the user",
    "id" : "2314702",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2314702"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-200",
  "details" : [ "The issue was addressed by adding additional logic. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. A maliciously crafted webpage may be able to fingerprint the user.", "A flaw was found in WebKit. This vulnerability allows a maliciously crafted webpage to fingerprint the user." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
    "release_date" : "2025-07-07T00:00:00Z",
    "advisory" : "RHSA-2025:10364",
    "cpe" : "cpe:/o:redhat:rhel_els:7",
    "package" : "webkitgtk4-0:2.48.3-2.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-11-14T00:00:00Z",
    "advisory" : "RHSA-2024:9636",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "webkit2gtk3-0:2.46.3-1.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-10-16T00:00:00Z",
    "advisory" : "RHSA-2024:8180",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "webkit2gtk3-0:2.46.1-2.el9_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "webkitgtk3",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-27838\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27838\nhttps://webkitgtk.org/security/WSA-2024-0005.html" ],
  "name" : "CVE-2024-27838",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}