CVE-2016-1858: WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to…

CVE-2016-1858 [MEDIUM] CWE-200 GHSA-r2c6-xm5m-7vg5: WebKit, as used in Apple iOS before 9 WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.

CVE-2016-1858 [MEDIUM] CVE-2016-1858: WebKit, as used in Apple iOS before 9 WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.

CVE-2016-1854 WebKitGTK+ vulnerabilities Title: WebKitGTK+ vulnerabilities Summary: Several security issues were fixed in WebKitGTK+. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Instructions: This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.

CVE-2016-1858 [MEDIUM] CVE-2016-1858: iOS 9.3.2 Apple Security Update: About the security content of iOS 9.3.2 Product: iOS Version: 9.3.2 CVE: CVE-2016-1858 Component: CVE-ID

CVE-2016-1858 [MEDIUM] CVE-2016-1858: tvOS 9.2.1 Apple Security Update: About the security content of tvOS 9.2.1 Product: tvOS Version: 9.2.1 CVE: CVE-2016-1858 Component: CVE-ID

CVE-2016-1858 [MEDIUM] CVE-2016-1858: Safari 9.1.1 Apple Security Update: About the security content of Safari 9.1.1 Product: Safari Version: 9.1.1 CVE: CVE-2016-1858 Component: CVE-ID