CVE-2016-4591 (retired)

Priority
Description
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before
9.2.2 mishandles the location variable, which allows remote attackers to
access the local filesystem via unspecified vectors.
Notes
jdstrandwebkit receives limited support. For details, see
https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit
webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8
Package
Upstream:needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):ignored (no update available)
Patches:
Package
Upstream:needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):ignored (no update available)
Package
Upstream:needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (2.12.4)
Ubuntu 16.04 LTS (Xenial Xerus):released (2.12.5-0ubuntu0.16.04.1)
Package
Upstream:needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):ignored (no update available)
More Information

Updated: 2019-10-09 07:56:32 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)