Lorenzo Veronese

**Name of the Vulnerable Software and Affected Versions** WebKitGTK versions prior to the fixed version WPE WebKit versions prior to the fixed version iOS versions prior to 16.6 iPadOS versions prior to 16.6 watchOS versions prior to 9.6 tvOS versions prior to 16.6 macOS Ventura versions prior to 13.5 **Description** A logic issue was addressed with improved restrictions. Processing web content may lead to arbitrary code execution. This issue is caused by a buffer overflow in the web page display modules of WebKitGTK and WPE WebKit. **Recommendations** For WebKitGTK, update to a version that includes the fix for this issue. For WPE WebKit, update to a version that includes the fix for this issue. For iOS, update to version 16.6 or later. For iPadOS, update to version 16.6 or later. For watchOS, update to version 9.6 or later. For tvOS, update to version 16.6 or later. For macOS Ventura, update to version 13.5 or later.

**Name of the Vulnerable Software and Affected Versions** passport versions prior to 0.6.0 **Description** The issue affects the passport package, causing the session to be regenerated instead of being closed when a user logs in or logs out. **Recommendations** For versions prior to 0.6.0, update to version 0.6.0 or later to resolve the issue.