CVE-2015-3658
Published 2015-07-03
Priority: P428, medium, 6.8 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS: 0.37% (59.2th percentile)
The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site.
Affected
28 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | <= 8.3 | — |
| apple | mac_os_x | <= 10.10.3 | — |
| apple | safari | <= 6.2.6 | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
| apple | safari | — | — |
CVSS provenance
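| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 6.8 | MEDIUM | — |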
GHSA
GHSA-7w75-mgjq-f5m7: The Page Loading functionality in WebKit in Apple Safari before 6
ghsa_unreviewed·2022-05-17
CVE-2015-3658 [MEDIUM] GHSA-7w75-mgjq-f5m7: The Page Loading functionality in WebKit in Apple Safari before 6
OSV
CVE-2015-3658: The Page Loading functionality in WebKit in Apple Safari before 6
osv·2015-07-02·CVSS 6.8
CVE-2015-3658 [MEDIUM] CVE-2015-3658: The Page Loading functionality in WebKit in Apple Safari before 6
Ubuntu
WebKitGTK+ vulnerabilities
vendor_ubuntu·2016-03-21
CVE-2014-1748 WebKitGTK+ vulnerabilities
Title: WebKitGTK+ vulnerabilities
Summary: Several security issues were fixed in WebKitGTK+.
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.
Instructions: This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany and Evolution, to make all the
necessary changes.
Apple
CVE-2015-3658: iOS 8.4
vendor_apple·CVSS 6.8
CVE-2015-3658 [MEDIUM] CVE-2015-3658: iOS 8.4
Apple Security Update: About the security content of iOS 8.4
Product: iOS
Version: 8.4
CVE: CVE-2015-3658
Component: CVE-ID
Apple
CVE-2015-3658: Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7
vendor_apple·CVSS 6.8
CVE-2015-3658 [MEDIUM] CVE-2015-3658: Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7
Apple Security Update: About the security content of Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7
Product: Safari 8.0.7, Safari 7.1.7, and Safari
Version: 6.2.7
CVE: CVE-2015-3658
Component: CVE-ID
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
http://lists.apple.com/archives/security-announce/2015/Jun/msg00004.html
http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html
http://support.apple.com/kb/HT204941
http://support.apple.com/kb/HT204950
http://www.securityfocus.com/bid/75492
http://www.securitytracker.com/id/1032754
http://www.ubuntu.com/usn/USN-2937-1