DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2021-1817", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-1817", "description": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.", "published": "2021-09-08T15:15:00", "modified": "2021-09-16T17:47:00", "epss": [{"cve": "CVE-2021-1817", "epss": 0.00272, "percentile": 0.63139, "modified": "2023-05-27"}], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1817", "reporter": "product-security@apple.com", "references": ["https://support.apple.com/en-us/HT212317", "https://support.apple.com/en-us/HT212325", "https://support.apple.com/en-us/HT212323", "https://support.apple.com/en-us/HT212324"], "cvelist": ["CVE-2021-1817"], "immutableFields": [], "lastseen": "2023-05-27T14:14:39", "viewCount": 121, "enchantments": {"dependencies": {"references": [{"type": "alpinelinux", "idList": ["ALPINE:CVE-2021-1817"]}, {"type": "apple", "idList": ["APPLE:2A32C0762786DF36357D645066CDC600", "APPLE:48BC28AAD9E0029F9CF17E3ED0A5F181", "APPLE:CA6473609072D4746735999863BFAC33", "APPLE:D1804CFB5985973BEAA4CE367152D5F6"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-1817"]}, {"type": "gentoo", "idList": ["GLSA-202202-01"]}, {"type": "ibm", "idList": ["6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96"]}, {"type": "nessus", "idList": ["ALMA_LINUX_ALSA-2021-1586.NASL", "GENTOO_GLSA-202202-01.NASL", "MACOS_HT212325.NASL", "NEWSTART_CGSL_NS-SA-2022-0048_WEBKIT2GTK3.NASL", "OPENSUSE-2022-0182-1.NASL", "REDHAT-RHSA-2021-1586.NASL", "ROCKY_LINUX_RLSA-2021-1586.NASL", "SUSE_SU-2022-0142-1.NASL", "SUSE_SU-2022-0182-1.NASL", "SUSE_SU-2022-0182-2.NASL", "SUSE_SU-2022-0183-1.NASL"]}, {"type": "osv", "idList": ["OSV:DSA-4797-1"]}, {"type": "redhat", "idList": ["RHSA-2021:1586"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-1817"]}, {"type": "rocky", "idList": ["RLSA-2021:1586"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0182-1", "OPENSUSE-SU-2022:0182-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-1817"]}]}, "score": {"value": 3.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "apple", "idList": ["APPLE:2A32C0762786DF36357D645066CDC600", "APPLE:48BC28AAD9E0029F9CF17E3ED0A5F181", "APPLE:CA6473609072D4746735999863BFAC33", "APPLE:D1804CFB5985973BEAA4CE367152D5F6"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-1817"]}, {"type": "gentoo", "idList": ["GLSA-202202-01"]}, {"type": "ibm", "idList": ["6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96"]}, {"type": "nessus", "idList": ["APPLE_IOS_145_CHECK.NBIN", "GENTOO_GLSA-202202-01.NASL", "MACOS_HT212325.NASL", "SUSE_SU-2022-0142-1.NASL"]}, {"type": "redhat", "idList": ["RHSA-2021:1586"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-1817"]}, {"type": "rocky", "idList": ["RLSA-2021:1586"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0182-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-1817"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "apple ipados", "version": 14}, {"name": "apple iphone os", "version": 14}, {"name": "apple macos", "version": 11}, {"name": "apple tvos", "version": 14}, {"name": "apple watchos", "version": 7}]}, "epss": [{"cve": "CVE-2021-1817", "epss": 0.00272, "percentile": 0.63101, "modified": "2023-05-06"}], "vulnersScore": 3.2}, "_state": {"dependencies": 1685214608, "score": 1685196919, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "abbd9fb5e437f76b47920338db6186b4"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": [], "cpe23": [], "cwe": ["CWE-787"], "affectedSoftware": [{"cpeName": "apple:macos", "version": "11.3", "operator": "lt", "name": "apple macos"}, {"cpeName": "apple:iphone_os", "version": "14.5", "operator": "lt", "name": "apple iphone os"}, {"cpeName": "apple:tvos", "version": "14.5", "operator": "lt", "name": "apple tvos"}, {"cpeName": "apple:watchos", "version": "7.4", "operator": "lt", "name": "apple watchos"}, {"cpeName": "apple:ipados", "version": "14.5", "operator": "lt", "name": "apple ipados"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:macos:11.3:*:*:*:*:*:*:*", "versionStartIncluding": "11.0", "versionEndExcluding": "11.3", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:iphone_os:14.5:*:*:*:*:*:*:*", "versionEndExcluding": "14.5", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:tvos:14.5:*:*:*:*:*:*:*", "versionEndExcluding": "14.5", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:watchos:7.4:*:*:*:*:*:*:*", "versionEndExcluding": "7.4", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:ipados:14.5:*:*:*:*:*:*:*", "versionEndExcluding": "14.5", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://support.apple.com/en-us/HT212317", "name": "https://support.apple.com/en-us/HT212317", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/en-us/HT212325", "name": "https://support.apple.com/en-us/HT212325", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/en-us/HT212323", "name": "https://support.apple.com/en-us/HT212323", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/en-us/HT212324", "name": "https://support.apple.com/en-us/HT212324", "refsource": "MISC", "tags": ["Vendor Advisory"]}], "product_info": [{"vendor": "Apple", "product": "tvOS"}, {"vendor": "Apple", "product": "macOS"}, {"vendor": "Apple", "product": "iOS and iPadOS"}, {"vendor": "Apple", "product": "watchOS"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"description": "Processing maliciously crafted web content may lead to arbitrary code execution", "lang": "en", "type": "text"}]}], "exploits": [], "assigned": "1976-01-01T00:00:00"}

{"redhatcve": [{"lastseen": "2023-05-27T14:33:07", "description": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-07-28T13:53:14", "type": "redhatcve", "title": "CVE-2021-1817", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1817"], "modified": "2023-04-06T07:53:04", "id": "RH:CVE-2021-1817", "href": "https://access.redhat.com/security/cve/cve-2021-1817", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-09-09T02:50:58", "description": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {}, "published": "2021-09-08T15:15:00", "type": "debiancve", "title": "CVE-2021-1817", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-1817"], "modified": "2021-09-08T15:15:00", "id": "DEBIANCVE:CVE-2021-1817", "href": "https://security-tracker.debian.org/tracker/CVE-2021-1817", "cvss": {"score": 0.0, "vector": "NONE"}}], "prion": [{"lastseen": "2023-08-16T00:45:46", "description": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-08T15:15:00", "type": "prion", "title": "CVE-2021-1817", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1817"], "modified": "2021-09-16T17:47:00", "id": "PRION:CVE-2021-1817", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-1817", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "alpinelinux": [{"lastseen": "2023-06-23T11:06:14", "description": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-08T15:15:00", "type": "alpinelinux", "title": "CVE-2021-1817", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1817"], "modified": "2021-09-16T17:47:00", "id": "ALPINE:CVE-2021-1817", "href": "https://security.alpinelinux.org/vuln/CVE-2021-1817", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2023-07-27T22:59:51", "description": "A memory corruption issue was addressed with improved state management.\nThis issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5,\nwatchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead\nto arbitrary code execution.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-08T00:00:00", "type": "ubuntucve", "title": "CVE-2021-1817", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1817"], "modified": "2021-09-08T00:00:00", "id": "UB:CVE-2021-1817", "href": "https://ubuntu.com/security/CVE-2021-1817", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-18T14:41:06", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1586 advisory.\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : GNOME (RLSA-2021:1586)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-30661"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:webkit2gtk3", "p-cpe:/a:rocky:linux:webkit2gtk3-debuginfo", "p-cpe:/a:rocky:linux:webkit2gtk3-debugsource", "p-cpe:/a:rocky:linux:webkit2gtk3-devel", "p-cpe:/a:rocky:linux:webkit2gtk3-devel-debuginfo", "p-cpe:/a:rocky:linux:webkit2gtk3-jsc", "p-cpe:/a:rocky:linux:webkit2gtk3-jsc-debuginfo", "p-cpe:/a:rocky:linux:webkit2gtk3-jsc-devel", "p-cpe:/a:rocky:linux:webkit2gtk3-jsc-devel-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2021-1586.NASL", "href": "https://www.tenable.com/plugins/nessus/157789", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2021:1586.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157789);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-30661\"\n );\n script_xref(name:\"RLSA\", value:\"2021:1586\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Rocky Linux 8 : GNOME (RLSA-2021:1586)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2021:1586 advisory.\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2021:1586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1152037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1464902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1671761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1700002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1705392\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1728632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1728896\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1765627\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1786496\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1796916\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1802105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1833787\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1842229\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1845660\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1846376\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1854290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1860946\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1861357\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1861769\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1865718\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1870837\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1871041\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1881312\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1883304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1883868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1886822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1888407\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1889411\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1889528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1901212\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1901214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1901216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1901221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1903043\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1903568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1906499\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1918391\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1919429\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1919432\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1919435\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1919467\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1921151\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=837035\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30661\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-jsc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-jsc-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'webkit2gtk3-2.30.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.30.4-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.30.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debuginfo-2.30.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debuginfo-2.30.4-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debuginfo-2.30.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debugsource-2.30.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debugsource-2.30.4-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debugsource-2.30.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.30.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.30.4-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.30.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-debuginfo-2.30.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-debuginfo-2.30.4-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-debuginfo-2.30.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.30.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.30.4-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.30.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-debuginfo-2.30.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-debuginfo-2.30.4-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-debuginfo-2.30.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.30.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.30.4-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.30.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-debuginfo-2.30.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-debuginfo-2.30.4-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-debuginfo-2.30.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'webkit2gtk3 / webkit2gtk3-debuginfo / webkit2gtk3-debugsource / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:44:48", "description": "The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by multiple vulnerabilities:\n\n - A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability. (CVE-2020-13543)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability. (CVE-2020-13584)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution. (CVE-2020-9983)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-09T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2022-0048)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13543", "CVE-2020-13584", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9983", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-30661"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_main:webkit2gtk3", "p-cpe:/a:zte:cgsl_main:webkit2gtk3-debuginfo", "p-cpe:/a:zte:cgsl_main:webkit2gtk3-debugsource", "p-cpe:/a:zte:cgsl_main:webkit2gtk3-devel", "p-cpe:/a:zte:cgsl_main:webkit2gtk3-devel-debuginfo", "p-cpe:/a:zte:cgsl_main:webkit2gtk3-doc", "p-cpe:/a:zte:cgsl_main:webkit2gtk3-jsc", "p-cpe:/a:zte:cgsl_main:webkit2gtk3-jsc-debuginfo", "p-cpe:/a:zte:cgsl_main:webkit2gtk3-jsc-devel", "p-cpe:/a:zte:cgsl_main:webkit2gtk3-jsc-devel-debuginfo", "cpe:/o:zte:cgsl_main:6"], "id": "NEWSTART_CGSL_NS-SA-2022-0048_WEBKIT2GTK3.NASL", "href": "https://www.tenable.com/plugins/nessus/160755", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2022-0048. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160755);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9983\",\n \"CVE-2020-13543\",\n \"CVE-2020-13584\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-30661\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2022-0048)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by\nmultiple vulnerabilities:\n\n - A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A\n specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code\n execution. An attacker can get a user to visit a webpage to trigger this vulnerability. (CVE-2020-13543)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially\n crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The\n victim needs to visit a malicious web site to trigger this vulnerability. (CVE-2020-13584)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari\n 14.0. Processing maliciously crafted web content may lead to code execution. (CVE-2020-9983)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2022-0048\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-13543\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-13584\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-9983\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-30661\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL webkit2gtk3 packages. Note that updated packages may not be available yet. Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30661\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkit2gtk3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkit2gtk3-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkit2gtk3-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkit2gtk3-jsc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:webkit2gtk3-jsc-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:6\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL MAIN 6.02\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.02');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL MAIN 6.02': [\n 'webkit2gtk3-2.30.4-1.el8',\n 'webkit2gtk3-debuginfo-2.30.4-1.el8',\n 'webkit2gtk3-debugsource-2.30.4-1.el8',\n 'webkit2gtk3-devel-2.30.4-1.el8',\n 'webkit2gtk3-devel-debuginfo-2.30.4-1.el8',\n 'webkit2gtk3-doc-2.30.4-1.el8',\n 'webkit2gtk3-jsc-2.30.4-1.el8',\n 'webkit2gtk3-jsc-debuginfo-2.30.4-1.el8',\n 'webkit2gtk3-jsc-devel-2.30.4-1.el8',\n 'webkit2gtk3-jsc-devel-debuginfo-2.30.4-1.el8'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'webkit2gtk3');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-27T15:14:11", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1586 advisory.\n\n - glib2: insecure permissions for files and directories (CVE-2019-13012)\n\n - webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543, CVE-2020-13584, CVE-2020-9951)\n\n - gdm: inability to timely contact accountservice via dbus leads gnome-initial-setup to creation of account with admin privileges (CVE-2020-16125)\n\n - webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948)\n\n - webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-1817)\n\n - webkitgtk: Memory initialization issue possibly leading to memory disclosure (CVE-2021-1820)\n\n - webkitgtk: Input validation issue leading to cross site scripting attack (CVE-2021-1825)\n\n - webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-1826)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30661)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-19T00:00:00", "type": "nessus", "title": "RHEL 8 : GNOME (RHSA-2021:1586)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13012", "CVE-2020-13543", "CVE-2020-13584", "CVE-2020-16125", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9983", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-30661"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:gdm", "p-cpe:/a:redhat:enterprise_linux:glib2", "p-cpe:/a:redhat:enterprise_linux:glib2-devel", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-devel", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc-devel", "p-cpe:/a:redhat:enterprise_linux:glib2-doc", "p-cpe:/a:redhat:enterprise_linux:glib2-fam", "p-cpe:/a:redhat:enterprise_linux:glib2-static", "p-cpe:/a:redhat:enterprise_linux:glib2-tests", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6"], "id": "REDHAT-RHSA-2021-1586.NASL", "href": "https://www.tenable.com/plugins/nessus/149698", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1586. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149698);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2019-13012\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9983\",\n \"CVE-2020-13543\",\n \"CVE-2020-13584\",\n \"CVE-2020-16125\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-30661\"\n );\n script_xref(name:\"RHSA\", value:\"2021:1586\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"RHEL 8 : GNOME (RHSA-2021:1586)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1586 advisory.\n\n - glib2: insecure permissions for files and directories (CVE-2019-13012)\n\n - webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543, CVE-2020-13584,\n CVE-2020-9951)\n\n - gdm: inability to timely contact accountservice via dbus leads gnome-initial-setup to creation of account\n with admin privileges (CVE-2020-16125)\n\n - webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948)\n\n - webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-1817)\n\n - webkitgtk: Memory initialization issue possibly leading to memory disclosure (CVE-2021-1820)\n\n - webkitgtk: Input validation issue leading to cross site scripting attack (CVE-2021-1825)\n\n - webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-1826)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30661)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-13012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13584\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-16125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1728632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901212\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1903568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986852\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986856\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986860\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986870\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30661\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 416, 636, 732, 787, 843);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glib2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glib2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glib2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glib2-fam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glib2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glib2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'gdm-3.28.3-39.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'glib2-2.56.4-9.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-devel-2.56.4-9.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-doc-2.56.4-9.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-fam-2.56.4-9.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-static-2.56.4-9.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-tests-2.56.4-9.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.30.4-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.30.4-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.30.4-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.30.4-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'gdm-3.28.3-39.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'glib2-2.56.4-9.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-devel-2.56.4-9.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-doc-2.56.4-9.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-fam-2.56.4-9.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-static-2.56.4-9.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-tests-2.56.4-9.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.30.4-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.30.4-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.30.4-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.30.4-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'gdm-3.28.3-39.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'glib2-2.56.4-9.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-devel-2.56.4-9.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-doc-2.56.4-9.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-fam-2.56.4-9.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-static-2.56.4-9.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-tests-2.56.4-9.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.30.4-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.30.4-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.30.4-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.30.4-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gdm / glib2 / glib2-devel / glib2-doc / glib2-fam / glib2-static / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:27", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1586 advisory.\n\n - The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL).\n Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories, 0777 permissions are used; for files, default file permissions are used. This is similar to CVE-2019-12450. (CVE-2019-13012)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution. (CVE-2020-9983)\n\n - A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability. (CVE-2020-13543)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability. (CVE-2020-13584)\n\n - gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account.\n (CVE-2020-16125)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : GNOME (ALSA-2021:1586)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12450", "CVE-2019-13012", "CVE-2020-13543", "CVE-2020-13584", "CVE-2020-16125", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9983", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-30661"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:alma:linux:openexr-devel", "p-cpe:/a:alma:linux:openexr-libs", "p-cpe:/a:alma:linux:accountsservice-devel", "p-cpe:/a:alma:linux:geocode-glib", "p-cpe:/a:alma:linux:geocode-glib-devel", "p-cpe:/a:alma:linux:gjs", "p-cpe:/a:alma:linux:gjs-devel", "p-cpe:/a:alma:linux:glib2", "p-cpe:/a:alma:linux:glib2-devel", "p-cpe:/a:alma:linux:glib2-doc", "p-cpe:/a:alma:linux:glib2-fam", "p-cpe:/a:alma:linux:glib2-static", "p-cpe:/a:alma:linux:glib2-tests", "p-cpe:/a:alma:linux:glibmm24", "p-cpe:/a:alma:linux:glibmm24-devel", "p-cpe:/a:alma:linux:glibmm24-doc", "p-cpe:/a:alma:linux:gnome-boxes", "p-cpe:/a:alma:linux:gnome-photos", "p-cpe:/a:alma:linux:gnome-photos-tests", "p-cpe:/a:alma:linux:gnome-terminal", "p-cpe:/a:alma:linux:gnome-terminal-nautilus", "p-cpe:/a:alma:linux:gtk-doc", "p-cpe:/a:alma:linux:gtk2", "p-cpe:/a:alma:linux:gtk2-devel", "p-cpe:/a:alma:linux:gtk2-devel-docs", "p-cpe:/a:alma:linux:gtk2-immodule-xim", "p-cpe:/a:alma:linux:gtk2-immodules", "p-cpe:/a:alma:linux:gtkmm24", "p-cpe:/a:alma:linux:gtkmm24-devel", "p-cpe:/a:alma:linux:gtkmm24-docs", "p-cpe:/a:alma:linux:gtkmm30", "p-cpe:/a:alma:linux:gtkmm30-devel", "p-cpe:/a:alma:linux:gtkmm30-doc", "p-cpe:/a:alma:linux:gvfs", "p-cpe:/a:alma:linux:gvfs-afc", "p-cpe:/a:alma:linux:gvfs-afp", "p-cpe:/a:alma:linux:gvfs-archive", "p-cpe:/a:alma:linux:gvfs-client", "p-cpe:/a:alma:linux:gvfs-devel", "p-cpe:/a:alma:linux:gvfs-fuse", "p-cpe:/a:alma:linux:gvfs-goa", "p-cpe:/a:alma:linux:gvfs-gphoto2", "p-cpe:/a:alma:linux:gvfs-mtp", "p-cpe:/a:alma:linux:gvfs-smb", "p-cpe:/a:alma:linux:libdazzle", "p-cpe:/a:alma:linux:libdazzle-devel", "p-cpe:/a:alma:linux:libepubgen", "p-cpe:/a:alma:linux:libepubgen-devel", "p-cpe:/a:alma:linux:libsass", "p-cpe:/a:alma:linux:libsass-devel", "p-cpe:/a:alma:linux:libsigc%2b%2b20", "p-cpe:/a:alma:linux:libsigc%2b%2b20-devel", "p-cpe:/a:alma:linux:libsigc%2b%2b20-doc", "p-cpe:/a:alma:linux:libvisual", "p-cpe:/a:alma:linux:libvisual-devel", "p-cpe:/a:alma:linux:mutter-devel", "p-cpe:/a:alma:linux:nautilus", "p-cpe:/a:alma:linux:nautilus-devel", "p-cpe:/a:alma:linux:nautilus-extensions", "p-cpe:/a:alma:linux:pangomm", "p-cpe:/a:alma:linux:pangomm-devel", "p-cpe:/a:alma:linux:pangomm-doc", "p-cpe:/a:alma:linux:soundtouch", "p-cpe:/a:alma:linux:soundtouch-devel", "p-cpe:/a:alma:linux:vala", "p-cpe:/a:alma:linux:vala-devel", "p-cpe:/a:alma:linux:woff2", "p-cpe:/a:alma:linux:woff2-devel", "cpe:/o:alma:linux:8", "p-cpe:/a:alma:linux:atkmm", "p-cpe:/a:alma:linux:atkmm-devel", "p-cpe:/a:alma:linux:atkmm-doc", "p-cpe:/a:alma:linux:cairomm", "p-cpe:/a:alma:linux:cairomm-devel", "p-cpe:/a:alma:linux:cairomm-doc", "p-cpe:/a:alma:linux:chrome-gnome-shell", "p-cpe:/a:alma:linux:dleyna-core", "p-cpe:/a:alma:linux:dleyna-server", "p-cpe:/a:alma:linux:enchant2", "p-cpe:/a:alma:linux:enchant2-devel", "p-cpe:/a:alma:linux:gamin", "p-cpe:/a:alma:linux:gamin-devel", "p-cpe:/a:alma:linux:geoclue2", "p-cpe:/a:alma:linux:geoclue2-demos", "p-cpe:/a:alma:linux:geoclue2-devel", "p-cpe:/a:alma:linux:geoclue2-libs"], "id": "ALMA_LINUX_ALSA-2021-1586.NASL", "href": "https://www.tenable.com/plugins/nessus/157668", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2021:1586.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157668);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2019-13012\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9983\",\n \"CVE-2020-13543\",\n \"CVE-2020-13584\",\n \"CVE-2020-16125\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-30661\"\n );\n script_xref(name:\"ALSA\", value:\"2021:1586\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"AlmaLinux 8 : GNOME (ALSA-2021:1586)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2021:1586 advisory.\n\n - The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using\n g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents\n (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL).\n Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories,\n 0777 permissions are used; for files, default file permissions are used. This is similar to\n CVE-2019-12450. (CVE-2019-13012)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari\n 14.0. Processing maliciously crafted web content may lead to code execution. (CVE-2020-9983)\n\n - A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A\n specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code\n execution. An attacker can get a user to visit a webpage to trigger this vulnerability. (CVE-2020-13543)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially\n crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The\n victim needs to visit a malicious web site to trigger this vulnerability. (CVE-2020-13584)\n\n - gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the\n accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be\n be chained with an additional issue that could allow a local user to create a new privileged account.\n (CVE-2020-16125)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2021-1586.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30661\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:OpenEXR-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:OpenEXR-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:accountsservice-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:atkmm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:atkmm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:atkmm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:cairomm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:cairomm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:cairomm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:chrome-gnome-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dleyna-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dleyna-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:enchant2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:enchant2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gamin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gamin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:geoclue2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:geoclue2-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:geoclue2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:geoclue2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:geocode-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:geocode-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gjs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gjs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:glib2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:glib2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:glib2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:glib2-fam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:glib2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:glib2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:glibmm24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:glibmm24-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:glibmm24-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-boxes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-photos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-photos-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-terminal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-terminal-nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk2-devel-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk2-immodule-xim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk2-immodules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtkmm24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtkmm24-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtkmm24-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtkmm30\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtkmm30-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtkmm30-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs-afc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs-afp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs-archive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs-fuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs-goa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs-gphoto2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs-mtp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs-smb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libdazzle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libdazzle-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libepubgen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libepubgen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsass\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsass-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsigc++20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsigc++20-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsigc++20-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvisual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libvisual-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mutter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nautilus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nautilus-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pangomm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pangomm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pangomm-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:soundtouch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:soundtouch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vala\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vala-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:woff2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:woff2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'accountsservice-devel-0.6.55-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'atkmm-2.24.2-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'atkmm-2.24.2-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'atkmm-devel-2.24.2-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'atkmm-devel-2.24.2-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'atkmm-doc-2.24.2-7.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cairomm-1.12.0-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cairomm-1.12.0-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cairomm-devel-1.12.0-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cairomm-devel-1.12.0-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cairomm-doc-1.12.0-8.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chrome-gnome-shell-10.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dleyna-core-0.6.0-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dleyna-core-0.6.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dleyna-server-0.6.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'enchant2-2.2.3-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'enchant2-2.2.3-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'enchant2-devel-2.2.3-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'enchant2-devel-2.2.3-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gamin-0.1.10-32.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gamin-0.1.10-32.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gamin-devel-0.1.10-32.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gamin-devel-0.1.10-32.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geoclue2-2.5.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geoclue2-2.5.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geoclue2-demos-2.5.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geoclue2-devel-2.5.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geoclue2-devel-2.5.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geoclue2-libs-2.5.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geoclue2-libs-2.5.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geocode-glib-3.26.0-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geocode-glib-3.26.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geocode-glib-devel-3.26.0-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'geocode-glib-devel-3.26.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gjs-1.56.2-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gjs-1.56.2-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gjs-devel-1.56.2-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gjs-devel-1.56.2-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-2.56.4-9.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-2.56.4-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-devel-2.56.4-9.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-devel-2.56.4-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-doc-2.56.4-9.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-fam-2.56.4-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-static-2.56.4-9.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-static-2.56.4-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glib2-tests-2.56.4-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibmm24-2.56.0-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibmm24-2.56.0-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibmm24-devel-2.56.0-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibmm24-devel-2.56.0-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibmm24-doc-2.56.0-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-boxes-3.36.5-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-photos-3.28.1-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-photos-tests-3.28.1-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-terminal-3.28.3-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-terminal-nautilus-3.28.3-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-doc-1.28-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk2-2.24.32-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk2-2.24.32-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk2-devel-2.24.32-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk2-devel-2.24.32-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk2-devel-docs-2.24.32-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk2-immodule-xim-2.24.32-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk2-immodule-xim-2.24.32-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk2-immodules-2.24.32-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk2-immodules-2.24.32-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtkmm24-2.24.5-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtkmm24-2.24.5-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtkmm24-devel-2.24.5-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtkmm24-devel-2.24.5-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtkmm24-docs-2.24.5-6.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtkmm30-3.22.2-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtkmm30-3.22.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtkmm30-devel-3.22.2-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtkmm30-devel-3.22.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtkmm30-doc-3.22.2-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-1.36.2-11.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-afc-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-afp-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-archive-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-client-1.36.2-11.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-client-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-devel-1.36.2-11.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-devel-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-fuse-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-goa-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-gphoto2-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-mtp-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-smb-1.36.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libdazzle-3.28.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libdazzle-3.28.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libdazzle-devel-3.28.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libdazzle-devel-3.28.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libepubgen-0.1.0-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libepubgen-0.1.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libepubgen-devel-0.1.0-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libepubgen-devel-0.1.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsass-3.4.5-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsass-3.4.5-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsass-devel-3.4.5-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsass-devel-3.4.5-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsigc++20-2.10.0-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsigc++20-2.10.0-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsigc++20-devel-2.10.0-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsigc++20-devel-2.10.0-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsigc++20-doc-2.10.0-6.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvisual-0.4.0-25.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvisual-0.4.0-25.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvisual-devel-0.4.0-25.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'libvisual-devel-0.4.0-25.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mutter-devel-3.32.2-57.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-57.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-3.28.1-15.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-3.28.1-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-devel-3.28.1-15.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-devel-3.28.1-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-extensions-3.28.1-15.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-extensions-3.28.1-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'OpenEXR-devel-2.2.0-12.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'OpenEXR-devel-2.2.0-12.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'OpenEXR-libs-2.2.0-12.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'OpenEXR-libs-2.2.0-12.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pangomm-2.40.1-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pangomm-2.40.1-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pangomm-devel-2.40.1-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pangomm-devel-2.40.1-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pangomm-doc-2.40.1-6.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'soundtouch-2.0.0-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'soundtouch-2.0.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'soundtouch-devel-2.0.0-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'soundtouch-devel-2.0.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vala-0.40.19-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vala-0.40.19-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vala-devel-0.40.19-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vala-devel-0.40.19-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'woff2-1.0.2-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'woff2-1.0.2-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'woff2-devel-1.0.2-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'woff2-devel-1.0.2-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'OpenEXR-devel / OpenEXR-libs / accountsservice-devel / atkmm / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:11:41", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0182-1 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop- portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-26T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : webkit2gtk3 (openSUSE-SU-2022:0182-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5226", "CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:opensuse:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit", "p-cpe:/a:novell:opensuse:webkit2gtk3-devel", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit", "p-cpe:/a:novell:opensuse:webkit-jsc-4", "p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang", "cpe:/o:novell:opensuse:15.3", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser"], "id": "OPENSUSE-2022-0182-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157093", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0182-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157093);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2019-8766\",\n \"CVE-2019-8782\",\n \"CVE-2019-8808\",\n \"CVE-2019-8815\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9947\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9952\",\n \"CVE-2020-13753\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-30661\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"openSUSE 15 Security Update : webkit2gtk3 (openSUSE-SU-2022:0182-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0182-1 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to\n CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-\n portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside\n the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0,\n iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194019\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FK6EK2KGH7KDPXCBN2Q3SSAVOCIXNCFX/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0eaac383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30897\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8815\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13753\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libjavascriptcoregtk-4_0-18-32bit-2.34.3-23.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwebkit2gtk-4_0-37-32bit-2.34.3-23.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit-jsc-4-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-minibrowser-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T15:39:16", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0182-2 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop- portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-18T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0182-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5226", "CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0182-2.NASL", "href": "https://www.tenable.com/plugins/nessus/158139", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0182-2. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158139);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2019-8766\",\n \"CVE-2019-8782\",\n \"CVE-2019-8808\",\n \"CVE-2019-8815\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9947\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9952\",\n \"CVE-2020-13753\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-30661\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0182-2\");\n\n script_name(english:\"SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0182-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:0182-2 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to\n CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-\n portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside\n the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0,\n iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30897\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010234.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f2507edb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8815\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13753\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:13:14", "description": "The remote SUSE Linux SLED15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0182-1 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop- portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-26T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0182-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5226", "CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0182-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157103", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0182-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157103);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2019-8766\",\n \"CVE-2019-8782\",\n \"CVE-2019-8808\",\n \"CVE-2019-8815\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9947\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9952\",\n \"CVE-2020-13753\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-30661\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0182-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0182-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:0182-1 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to\n CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-\n portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside\n the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0,\n iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30897\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010070.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b94eaab2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8815\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13753\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:12:19", "description": "The remote host is affected by the vulnerability described in GLSA-202202-01 (WebkitGTK+: Multiple vulnerabilities)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30665)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30758)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30934)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30936, CVE-2021-30951)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30952)\n\n - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30953)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30954)\n\n - A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30984)\n\n - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVE-2021-42762)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. (CVE-2021-45482)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-01T00:00:00", "type": "nessus", "title": "GLSA-202202-01 : WebkitGTK+: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-30661", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897", "CVE-2021-30934", "CVE-2021-30936", "CVE-2021-30951", "CVE-2021-30952", "CVE-2021-30953", "CVE-2021-30954", "CVE-2021-30984", "CVE-2021-41133", "CVE-2021-42762", "CVE-2021-45482"], "modified": "2022-02-03T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:webkit-gtk", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202202-01.NASL", "href": "https://www.tenable.com/plugins/nessus/157266", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202202-01.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157266);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/03\");\n\n script_cve_id(\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-21775\",\n \"CVE-2021-21779\",\n \"CVE-2021-21806\",\n \"CVE-2021-30661\",\n \"CVE-2021-30663\",\n \"CVE-2021-30665\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30689\",\n \"CVE-2021-30720\",\n \"CVE-2021-30734\",\n \"CVE-2021-30744\",\n \"CVE-2021-30749\",\n \"CVE-2021-30758\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30795\",\n \"CVE-2021-30797\",\n \"CVE-2021-30799\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\",\n \"CVE-2021-30934\",\n \"CVE-2021-30936\",\n \"CVE-2021-30951\",\n \"CVE-2021-30952\",\n \"CVE-2021-30953\",\n \"CVE-2021-30954\",\n \"CVE-2021-30984\",\n \"CVE-2021-42762\",\n \"CVE-2021-45482\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0212-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0349-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0577-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"GLSA-202202-01 : WebkitGTK+: Multiple vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202202-01 (WebkitGTK+: Multiple vulnerabilities)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of\n Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further\n memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a\n malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in\n WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory\n corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially\n crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim\n needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and\n iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS\n 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30665)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content\n may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access\n restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security\n origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4,\n watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari\n 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to\n arbitrary code execution. (CVE-2021-30758)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7,\n Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big\n Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30934)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30936, CVE-2021-30951)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30952)\n\n - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30953)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30954)\n\n - A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30984)\n\n - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that\n allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by\n the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to\n host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process\n remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVE-2021-42762)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different\n vulnerability than CVE-2021-30889. (CVE-2021-45482)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202202-01\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=779175\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=801400\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=813489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=819522\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=820434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=829723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=831739\");\n script_set_attribute(attribute:\"solution\", value:\n\"All WebkitGTK+ users should upgrade to the latest version:\n\n\t\t\t# emerge --sync\n\t\t\t# emerge --ask --oneshot --verbose >=net-libs/webkit-gtk-2.34.4\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30954\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:webkit-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : \"net-libs/webkit-gtk\",\n 'unaffected' : make_list(\"ge 2.34.4\"),\n 'vulnerable' : make_list(\"lt 2.34.4\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"WebkitGTK+\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:11:40", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0183-1 advisory.\n\n - An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka Microsoft SharePoint Elevation of Privilege Vulnerability. This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480, CVE-2018-8488, CVE-2018-8498. (CVE-2018-8518)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop- portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-26T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0183-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5226", "CVE-2018-8480", "CVE-2018-8488", "CVE-2018-8498", "CVE-2018-8518", "CVE-2018-8523", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-10018", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0183-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157109", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0183-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157109);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2018-8518\",\n \"CVE-2018-8523\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8782\",\n \"CVE-2019-8808\",\n \"CVE-2019-8815\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9947\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9952\",\n \"CVE-2020-10018\",\n \"CVE-2020-13753\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-30661\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2018-A-0329-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0373-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0183-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0183-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0183-1 advisory.\n\n - An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize\n a specially crafted web request to an affected SharePoint server, aka Microsoft SharePoint Elevation of\n Privilege Vulnerability. This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480,\n CVE-2018-8488, CVE-2018-8498. (CVE-2018-8518)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history\n items. (CVE-2019-8768)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to\n CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-\n portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside\n the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0,\n iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8768\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30897\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010071.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?505f53d0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3897\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13753\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP0/1\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'0', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'1', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:27:52", "description": "The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.3 Big Sur. It is, therefore, affected by multiple vulnerabilities including the following:\n\n - A memory corruption issue which could allow an application restricted memory read access (CVE-2021-1808).\n\n - A memory corruption issue which could allow an application to cause unexpected system termination or to write kernel memory (CVE-2021-1828).\n\n - An out-of-bounds wirte issue which could allow a malicious application to execute arbitrary code with kernel privileges (CVE-2021-1834).\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {}, "published": "2021-04-28T00:00:00", "type": "nessus", "title": "macOS 11.x < 11.3 (HT212325)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-7463", "CVE-2020-8037", "CVE-2020-8285", "CVE-2020-8286", "CVE-2021-1739", "CVE-2021-1740", "CVE-2021-1784", "CVE-2021-1808", "CVE-2021-1809", "CVE-2021-1810", "CVE-2021-1811", "CVE-2021-1813", "CVE-2021-1814", "CVE-2021-1815", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1824", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1828", "CVE-2021-1829", "CVE-2021-1832", "CVE-2021-1834", "CVE-2021-1839", "CVE-2021-1840", "CVE-2021-1841", "CVE-2021-1843", "CVE-2021-1846", "CVE-2021-1847", "CVE-2021-1849", "CVE-2021-1851", "CVE-2021-1853", "CVE-2021-1855", "CVE-2021-1857", "CVE-2021-1858", "CVE-2021-1859", "CVE-2021-1860", "CVE-2021-1861", "CVE-2021-1867", "CVE-2021-1868", "CVE-2021-1872", "CVE-2021-1873", "CVE-2021-1875", "CVE-2021-1876", "CVE-2021-1878", "CVE-2021-1880", "CVE-2021-1881", "CVE-2021-1882", "CVE-2021-1883", "CVE-2021-1884", "CVE-2021-1885", "CVE-2021-30652", "CVE-2021-30653", "CVE-2021-30655", "CVE-2021-30657", "CVE-2021-30658", "CVE-2021-30659", "CVE-2021-30660", "CVE-2021-30661"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT212325.NASL", "href": "https://www.tenable.com/plugins/nessus/149041", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149041);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2020-7463\",\n \"CVE-2020-8037\",\n \"CVE-2020-8285\",\n \"CVE-2020-8286\",\n \"CVE-2021-1739\",\n \"CVE-2021-1740\",\n \"CVE-2021-1784\",\n \"CVE-2021-1808\",\n \"CVE-2021-1809\",\n \"CVE-2021-1810\",\n \"CVE-2021-1811\",\n \"CVE-2021-1813\",\n \"CVE-2021-1814\",\n \"CVE-2021-1815\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1824\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1828\",\n \"CVE-2021-1829\",\n \"CVE-2021-1832\",\n \"CVE-2021-1834\",\n \"CVE-2021-1839\",\n \"CVE-2021-1840\",\n \"CVE-2021-1841\",\n \"CVE-2021-1843\",\n \"CVE-2021-1846\",\n \"CVE-2021-1847\",\n \"CVE-2021-1849\",\n \"CVE-2021-1851\",\n \"CVE-2021-1853\",\n \"CVE-2021-1855\",\n \"CVE-2021-1857\",\n \"CVE-2021-1858\",\n \"CVE-2021-1859\",\n \"CVE-2021-1860\",\n \"CVE-2021-1861\",\n \"CVE-2021-1867\",\n \"CVE-2021-1868\",\n \"CVE-2021-1872\",\n \"CVE-2021-1873\",\n \"CVE-2021-1875\",\n \"CVE-2021-1876\",\n \"CVE-2021-1878\",\n \"CVE-2021-1880\",\n \"CVE-2021-1881\",\n \"CVE-2021-1882\",\n \"CVE-2021-1883\",\n \"CVE-2021-1884\",\n \"CVE-2021-1885\",\n \"CVE-2021-30652\",\n \"CVE-2021-30653\",\n \"CVE-2021-30655\",\n \"CVE-2021-30657\",\n \"CVE-2021-30658\",\n \"CVE-2021-30659\",\n \"CVE-2021-30660\",\n \"CVE-2021-30661\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT212325\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2021-04-26-2\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"macOS 11.x < 11.3 (HT212325)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.3 Big Sur. It is, therefore,\naffected by multiple vulnerabilities including the following:\n\n - A memory corruption issue which could allow an application restricted memory read access (CVE-2021-1808).\n\n - A memory corruption issue which could allow an application to cause unexpected system termination or to \n write kernel memory (CVE-2021-1828).\n\n - An out-of-bounds wirte issue which could allow a malicious application to execute arbitrary code with \n kernel privileges (CVE-2021-1834).\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT212325\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 11.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30655\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'macOS Gatekeeper check bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/local_checks_enabled\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras_apple.inc');\n\nvar app_info = vcf::apple::macos::get_app_info();\nvar constraints = [{ 'min_version' : '11.0', 'fixed_version' : '11.3', 'fixed_display' : 'macOS Big Sur 11.3' }];\n\nvcf::apple::macos::check_version_and_report(\n app_info:app_info, \n constraints:constraints, \n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:11:43", "description": "The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0142-1 advisory.\n\n - An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka Microsoft SharePoint Elevation of Privilege Vulnerability. This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480, CVE-2018-8488, CVE-2018-8498. (CVE-2018-8518)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8558, CVE-2019-8559, CVE-2019-8563)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8681, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8684, CVE-2019-8688, CVE-2019-8689)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726, CVE-2019-8733)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8719)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8765)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815, CVE-2019-8821, CVE-2019-8822)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop- portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-21T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2022:0142-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5226", "CVE-2018-8480", "CVE-2018-8488", "CVE-2018-8498", "CVE-2018-8518", "CVE-2018-8523", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8674", "CVE-2019-8681", "CVE-2019-8684", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8719", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8763", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2019-8821", "CVE-2019-8822", "CVE-2020-10018", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles"], "id": "SUSE_SU-2022-0142-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156925", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0142-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156925);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2018-8518\",\n \"CVE-2018-8523\",\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8674\",\n \"CVE-2019-8681\",\n \"CVE-2019-8684\",\n \"CVE-2019-8687\",\n \"CVE-2019-8688\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8707\",\n \"CVE-2019-8719\",\n \"CVE-2019-8726\",\n \"CVE-2019-8733\",\n \"CVE-2019-8763\",\n \"CVE-2019-8765\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8782\",\n \"CVE-2019-8808\",\n \"CVE-2019-8815\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9947\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9952\",\n \"CVE-2020-10018\",\n \"CVE-2020-13753\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-30661\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2018-A-0329-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0373-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0142-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2022:0142-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:0142-1 advisory.\n\n - An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize\n a specially crafted web request to an affected SharePoint server, aka Microsoft SharePoint Elevation of\n Privilege Vulnerability. This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480,\n CVE-2018-8488, CVE-2018-8498. (CVE-2018-8518)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari\n 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may\n lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8558, CVE-2019-8559,\n CVE-2019-8563)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13,\n iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8681, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for\n Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8684, CVE-2019-8688, CVE-2019-8689)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state\n management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for\n Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726,\n CVE-2019-8733)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8719)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud\n for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8765)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history\n items. (CVE-2019-8768)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815, CVE-2019-8821, CVE-2019-8822)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to\n CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-\n portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside\n the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0,\n iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.suse.com/pipermail/sle-updates/2022-January/021411.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8551\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8558\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8559\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8687\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8688\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8763\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8768\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30897\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3897\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13753\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP3/4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'3', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'4', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'webkit2gtk3-devel-2.34.3-2.82.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'webkit2gtk3-devel-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'2', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-18T13:11:09", "description": "The version of webkitgtk4 installed on the remote host is prior to 2.38.5-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2088 advisory.\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1789)\n\n - A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-1799)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1801)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1870)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30665)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30758)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30934)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30936, CVE-2021-30951)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30952)\n\n - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30953)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30954)\n\n - A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30984)\n\n - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVE-2021-42762)\n\n - In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889. (CVE-2021-45481)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. (CVE-2021-45482)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. (CVE-2021-45483)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-22590)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2022-22592)\n\n - A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-22662)\n\n - A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call. (CVE-2022-22677)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution. (CVE-2022-26700)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26709)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26710)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26716, CVE-2022-26719)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26717)\n\n - In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.\n (CVE-2022-30293)\n\n - An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32792)\n\n - Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. (CVE-2022-32793)\n\n - The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing. (CVE-2022-32816)\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32888)\n\n - A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app. (CVE-2022-32923)\n\n - The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. (CVE-2022-42799)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-42824)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42826)\n\n - The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2022-42852)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.. (CVE-2022-42856)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42863, CVE-2022-46699)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42867)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46691)\n\n - A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy. (CVE-2022-46692)\n\n - A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-46698)\n\n - A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46700)\n\n - A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. (CVE-2023-2203)\n\n - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2023-23517, CVE-2023-23518)\n\n - A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..\n (CVE-2023-23529)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25358)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25360)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25361)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25362)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25363)\n\n - This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy (CVE-2023-27932)\n\n - The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be able to track sensitive user information (CVE-2023-27954)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3.1, iOS 16.4.1 and iPadOS 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2023-28205)\n\n - An out-of-bounds read was addressed with improved input validation. (CVE-2023-28204)\n\n - A use-after-free issue was addressed with improved memory management. (CVE-2023-32373)\n\n - The issue was addressed with improved bounds checks. (CVE-2023-32409)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-06-13T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : webkitgtk4 (ALAS-2023-2088)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-22592", "CVE-2020-27918", "CVE-2020-29623", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-30661", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30934", "CVE-2021-30936", "CVE-2021-30951", "CVE-2021-30952", "CVE-2021-30953", "CVE-2021-30954", "CVE-2021-30984", "CVE-2021-32912", "CVE-2021-41133", "CVE-2021-42762", "CVE-2021-45481", "CVE-2021-45482", "CVE-2021-45483", "CVE-2022-22590", "CVE-2022-22592", "CVE-2022-22662", "CVE-2022-22677", "CVE-2022-26700", "CVE-2022-26709", "CVE-2022-26710", "CVE-2022-26716", "CVE-2022-26717", "CVE-2022-26719", "CVE-2022-30293", "CVE-2022-32792", "CVE-2022-32793", "CVE-2022-32816", "CVE-2022-32885", "CVE-2022-32888", "CVE-2022-32923", "CVE-2022-42799", "CVE-2022-42824", "CVE-2022-42826", "CVE-2022-42852", "CVE-2022-42856", "CVE-2022-42863", "CVE-2022-42867", "CVE-2022-46691", "CVE-2022-46692", "CVE-2022-46698", "CVE-2022-46699", "CVE-2022-46700", "CVE-2023-2203", "CVE-2023-23517", "CVE-2023-23518", "CVE-2023-23529", "CVE-2023-25358", "CVE-2023-25360", "CVE-2023-25361", "CVE-2023-25362", "CVE-2023-25363", "CVE-2023-27932", "CVE-2023-27954", "CVE-2023-28204", "CVE-2023-28205", "CVE-2023-32373", "CVE-2023-32409"], "modified": "2023-06-14T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:webkitgtk4", "p-cpe:/a:amazon:linux:webkitgtk4-debuginfo", "p-cpe:/a:amazon:linux:webkitgtk4-devel", "p-cpe:/a:amazon:linux:webkitgtk4-jsc", "p-cpe:/a:amazon:linux:webkitgtk4-jsc-devel", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2023-2088.NASL", "href": "https://www.tenable.com/plugins/nessus/177194", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2023-2088.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(177194);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/14\");\n\n script_cve_id(\n \"CVE-2020-22592\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1789\",\n \"CVE-2021-1799\",\n \"CVE-2021-1801\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1870\",\n \"CVE-2021-21775\",\n \"CVE-2021-21779\",\n \"CVE-2021-21806\",\n \"CVE-2021-30661\",\n \"CVE-2021-30663\",\n \"CVE-2021-30665\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30689\",\n \"CVE-2021-30720\",\n \"CVE-2021-30734\",\n \"CVE-2021-30744\",\n \"CVE-2021-30749\",\n \"CVE-2021-30758\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30795\",\n \"CVE-2021-30797\",\n \"CVE-2021-30799\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30934\",\n \"CVE-2021-30936\",\n \"CVE-2021-30951\",\n \"CVE-2021-30952\",\n \"CVE-2021-30953\",\n \"CVE-2021-30954\",\n \"CVE-2021-30984\",\n \"CVE-2021-32912\",\n \"CVE-2021-42762\",\n \"CVE-2021-45481\",\n \"CVE-2021-45482\",\n \"CVE-2021-45483\",\n \"CVE-2022-22590\",\n \"CVE-2022-22592\",\n \"CVE-2022-22662\",\n \"CVE-2022-22677\",\n \"CVE-2022-26700\",\n \"CVE-2022-26709\",\n \"CVE-2022-26710\",\n \"CVE-2022-26716\",\n \"CVE-2022-26717\",\n \"CVE-2022-26719\",\n \"CVE-2022-30293\",\n \"CVE-2022-32792\",\n \"CVE-2022-32793\",\n \"CVE-2022-32816\",\n \"CVE-2022-32885\",\n \"CVE-2022-32888\",\n \"CVE-2022-32923\",\n \"CVE-2022-42799\",\n \"CVE-2022-42824\",\n \"CVE-2022-42826\",\n \"CVE-2022-42852\",\n \"CVE-2022-42856\",\n \"CVE-2022-42863\",\n \"CVE-2022-42867\",\n \"CVE-2022-46691\",\n \"CVE-2022-46692\",\n \"CVE-2022-46698\",\n \"CVE-2022-46699\",\n \"CVE-2022-46700\",\n \"CVE-2023-2203\",\n \"CVE-2023-23517\",\n \"CVE-2023-23518\",\n \"CVE-2023-23529\",\n \"CVE-2023-25358\",\n \"CVE-2023-25360\",\n \"CVE-2023-25361\",\n \"CVE-2023-25362\",\n \"CVE-2023-25363\",\n \"CVE-2023-27932\",\n \"CVE-2023-27954\",\n \"CVE-2023-28204\",\n \"CVE-2023-28205\",\n \"CVE-2023-32373\",\n \"CVE-2023-32409\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/01/04\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/03/07\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/05/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/12\");\n\n script_name(english:\"Amazon Linux 2 : webkitgtk4 (ALAS-2023-2088)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of webkitgtk4 installed on the remote host is prior to 2.38.5-3. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2023-2088 advisory.\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1789)\n\n - A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big\n Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS\n 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on\n arbitrary servers. (CVE-2021-1799)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4\n and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1801)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1870)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of\n Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further\n memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a\n malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in\n WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory\n corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially\n crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim\n needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and\n iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS\n 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30665)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content\n may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access\n restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security\n origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4,\n watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari\n 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to\n arbitrary code execution. (CVE-2021-30758)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7,\n Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big\n Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30934)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30936, CVE-2021-30951)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30952)\n\n - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30953)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30954)\n\n - A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30984)\n\n - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that\n allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by\n the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to\n host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process\n remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVE-2021-42762)\n\n - In WebKitGTK before 2.32.4, there is incorrect memory allocation in\n WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application\n crash, a different vulnerability than CVE-2021-30889. (CVE-2021-45481)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different\n vulnerability than CVE-2021-30889. (CVE-2021-45482)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability\n than CVE-2021-30889. (CVE-2021-45483)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and\n iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2022-22590)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS\n 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content\n may prevent Content Security Policy from being enforced. (CVE-2022-22592)\n\n - A cookie management issue was addressed with improved state management. This issue is fixed in Security\n Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose\n sensitive user information. (CVE-2022-22662)\n\n - A logic issue in the handling of concurrent media was addressed with improved state handling. This issue\n is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be\n interrupted if the user answers a phone call. (CVE-2022-22677)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5,\n watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted\n web content may lead to code execution. (CVE-2022-26700)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5,\n iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2022-26709)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and\n iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2022-26710)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5,\n iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2022-26716, CVE-2022-26719)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5,\n watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26717)\n\n - In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in\n WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.\n (CVE-2022-30293)\n\n - An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6\n and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2022-32792)\n\n - Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in\n macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose\n kernel memory. (CVE-2022-32793)\n\n - The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6\n and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI\n spoofing. (CVE-2022-32816)\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big\n Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32888)\n\n - A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS\n 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing\n maliciously crafted web content may disclose internal states of the app. (CVE-2022-32923)\n\n - The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13,\n watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface\n spoofing. (CVE-2022-42799)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS\n Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content\n may disclose sensitive user information. (CVE-2022-42824)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura\n 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2022-42826)\n\n - The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2,\n macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing\n maliciously crafted web content may result in the disclosure of process memory. (CVE-2022-42852)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2,\n tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted\n web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been\n actively exploited against versions of iOS released before iOS 15.1.. (CVE-2022-42856)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in Safari\n 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2022-42863, CVE-2022-46699)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2,\n tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2022-42867)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari\n 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46691)\n\n - A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2,\n iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2,\n watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy. (CVE-2022-46692)\n\n - A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud\n for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously\n crafted web content may disclose sensitive user information. (CVE-2022-46698)\n\n - A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari\n 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46700)\n\n - A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free\n vulnerability. This flaw allows attackers with network access to pass specially crafted web content files,\n causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205\n security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux\n 9.2. (CVE-2023-2203)\n\n - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS\n Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2023-23517,\n CVE-2023-23518)\n\n - A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1,\n iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to\n arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..\n (CVE-2023-23529)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows\n attackers to execute code remotely. (CVE-2023-25358)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows\n attackers to execute code remotely. (CVE-2023-25360)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows\n attackers to execute code remotely. (CVE-2023-25361)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before\n 2.36.8 allows attackers to execute code remotely. (CVE-2023-25362)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before\n 2.36.8 allows attackers to execute code remotely. (CVE-2023-25363)\n\n - This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS\n 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may\n bypass Same Origin Policy (CVE-2023-27932)\n\n - The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, iOS\n 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be\n able to track sensitive user information (CVE-2023-27954)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura\n 13.3.1, iOS 16.4.1 and iPadOS 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited. (CVE-2023-28205)\n\n - An out-of-bounds read was addressed with improved input validation. (CVE-2023-28204)\n\n - A use-after-free issue was addressed with improved memory management. (CVE-2023-32373)\n\n - The issue was addressed with improved bounds checks. (CVE-2023-32409)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2023-2088.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-22592.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-27918.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-29623.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1765.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1788.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1789.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1799.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1801.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1817.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1820.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1825.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1826.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1844.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1870.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-21775.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-21779.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-21806.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30661.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30663.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30665.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30666.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30682.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30689.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30720.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30734.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30744.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30749.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30758.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30761.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30762.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30795.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30797.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30799.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30809.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30818.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30836.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30846.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30848.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30849.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30851.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30887.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30888.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30889.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30890.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30934.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30936.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30951.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30952.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30953.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30954.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30984.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-32912.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-42762.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-45481.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-45482.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-45483.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-22590.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-22592.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-22662.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-22677.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26700.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26709.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26710.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26716.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26717.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26719.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-30293.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32792.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32793.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32816.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32885.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32888.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32923.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42799.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42824.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42826.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42852.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42856.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42863.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42867.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-46691.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-46692.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-46698.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-46699.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-46700.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-2203.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-23517.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-23518.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-23529.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-25358.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-25360.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-25361.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-25362.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-25363.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-27932.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-27954.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-28204.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-28205.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-32373.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-32409.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update webkitgtk4' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30954\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-1870\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'webkitgtk4-2.38.5-3.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-2.38.5-3.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-2.38.5-3.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-devel-2.38.5-3.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-devel-2.38.5-3.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-devel-2.38.5-3.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-2.38.5-3.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-2.38.5-3.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-2.38.5-3.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkitgtk4 / webkitgtk4-debuginfo / webkitgtk4-devel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}], "osv": [{"lastseen": "2022-08-10T07:19:29", "description": "\nThe following vulnerabilities have been discovered in the webkit2gtk\nweb engine:\n\n\n* [CVE-2020-9948](https://security-tracker.debian.org/tracker/CVE-2020-9948)\nBrendan Draper discovered that processing maliciously crafted web\n content may lead to arbitrary code execution.\n* [CVE-2020-9951](https://security-tracker.debian.org/tracker/CVE-2020-9951)\nMarcin Noga discovered that processing maliciously crafted web\n content may lead to arbitrary code execution.\n* [CVE-2020-9983](https://security-tracker.debian.org/tracker/CVE-2020-9983)\nzhunki discovered that processing maliciously crafted web content\n may lead to code execution.\n* [CVE-2020-13584](https://security-tracker.debian.org/tracker/CVE-2020-13584)\nCisco discovered that processing maliciously crafted web content\n may lead to arbitrary code execution.\n\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2.30.3-1~deb10u1.\n\n\nWe recommend that you upgrade your webkit2gtk packages.\n\n\nFor the detailed security status of webkit2gtk please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/webkit2gtk](https://security-tracker.debian.org/tracker/webkit2gtk)\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-23T00:00:00", "type": "osv", "title": "webkit2gtk - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9951", "CVE-2020-9983", "CVE-2020-9948", "CVE-2021-30661", "CVE-2021-1826", "CVE-2021-1820", "CVE-2020-13543", "CVE-2020-9947", "CVE-2021-1825", "CVE-2020-13584", "CVE-2021-1817"], "modified": "2022-08-10T07:19:25", "id": "OSV:DSA-4797-1", "href": "https://osv.dev/vulnerability/DSA-4797-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2023-08-16T15:29:43", "description": "GNOME is the default desktop environment of Red Hat Enterprise Linux.\n\nThe following packages have been upgraded to a later upstream version: accountsservice (0.6.55), webkit2gtk3 (2.30.4). (BZ#1846376, BZ#1883304)\n\nSecurity Fix(es):\n\n* webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948)\n\n* webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-9951)\n\n* webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983)\n\n* webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543)\n\n* webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13584)\n\n* glib2: insecure permissions for files and directories (CVE-2019-13012)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-05-18T05:35:26", "type": "redhat", "title": "(RHSA-2021:1586) Moderate: GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13012", "CVE-2020-13543", "CVE-2020-13584", "CVE-2020-16125", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9983", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-30661"], "modified": "2021-10-28T10:28:08", "id": "RHSA-2021:1586", "href": "https://access.redhat.com/errata/RHSA-2021:1586", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "rocky": [{"lastseen": "2023-07-24T17:29:39", "description": "An update is available for enchant2, cairomm, gnome-photos, webkit2gtk3, chrome-gnome-shell, geoclue2, dleyna-server, woff2, libdazzle, gtk2, gvfs, gjs, gnome-settings-daemon, gtkmm24, accountsservice, gnome-control-center, gnome-shell, gnome-software, soundtouch, gnome-boxes, gnome-terminal, libsass, libsigc++20, nautilus, OpenEXR, gnome-online-accounts, gtkmm30, dleyna-core, vala, libvisual, geocode-glib, pangomm, gtk-doc, atkmm, gdm, gamin, glibmm24, mutter, libepubgen.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nGNOME is the default desktop environment of Rocky Linux.\n\nThe following packages have been upgraded to a later upstream version: accountsservice (0.6.55), webkit2gtk3 (2.30.4). (BZ#1846376, BZ#1883304)\n\nSecurity Fix(es):\n\n* webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948)\n\n* webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-9951)\n\n* webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983)\n\n* webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543)\n\n* webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13584)\n\n* glib2: insecure permissions for files and directories (CVE-2019-13012)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-05-18T05:35:26", "type": "rocky", "title": "GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13012", "CVE-2020-13543", "CVE-2020-13584", "CVE-2020-16125", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9983", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-30661"], "modified": "2021-05-18T05:35:26", "id": "RLSA-2021:1586", "href": "https://errata.rockylinux.org/RLSA-2021:1586", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "apple": [{"lastseen": "2023-07-25T22:39:36", "description": "# About the security content of tvOS 14.5\n\nThis document describes the security content of tvOS 14.5.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## tvOS 14.5\n\nReleased April 26, 2021\n\n**AppleMobileFileIntegrity**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to bypass Privacy preferences\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2021-1849: Siguza\n\n**Assets**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to create or modify privileged files\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-1836: an anonymous researcher\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to read restricted memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab\n\n**CFNetwork**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1857: an anonymous researcher\n\n**Compression**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An out-of-bounds read was addressed with improved input validation\n\nDescription: Processing a maliciously crafted image may lead to arbitrary code execution.\n\nCVE-2021-30752: Ye Zhang (@co0py_Cat) of Baidu Security\n\nEntry added July 21, 2021 \n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1846: JunDong Xie of Ant Security Light-Year Lab\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An out-of-bounds write issue was addressed with improved bounds checking\n\nDescription: Processing a maliciously crafted file may lead to arbitrary code execution.\n\nCVE-2021-30664: JunDong Xie of Ant Security Light-Year Lab\n\nEntry added July 21, 2021 \n\n**CoreText**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab\n\n**FontParser**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1881: an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi (@hjy79425575) of Qihoo 360\n\n**Foundation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1882: Gabe Kirkpatrick (@gabe_k)\n\n**Foundation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-1813: Cees Elzinga\n\n**Heimdal**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted server messages may lead to heap corruption\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-1883: Gabe Kirkpatrick (@gabe_k)\n\n**Heimdal**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A race condition was addressed with improved locking.\n\nCVE-2021-1884: Gabe Kirkpatrick (@gabe_k)\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-1885: CFF of Topsec Alpha Team\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30653: Ye Zhang of Baidu Security\n\nCVE-2021-1843: Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-1858: Mickey Jin of Trend Micro\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An out-of-bounds write was addressed with improved input validation\n\nDescription: Processing a maliciously crafted image may lead to arbitrary code execution.\n\nCVE-2021-30743: Ye Zhang (@co0py_Cat) of Baidu Security, CFF of Topsec Alpha Team, Jzhu working with Trend Micro Zero Day Initiative, Xingwei Lin of Ant Security Light-Year Lab, CFF of Topsec Alpha Team, Jeonghoon Shin (@singi21a) of THEORI working with Trend Micro Zero Day Initiative, Jzhu working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021 \n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: This issue was addressed with improved checks\n\nDescription: Processing a maliciously crafted file may lead to arbitrary code execution.\n\nCVE-2021-30764: Anonymous working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021 \n\n**iTunes Store**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker with JavaScript execution may be able to execute arbitrary code\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-1864: CodeColorist of Ant-Financial LightYear Labs\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to disclose kernel memory\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1860: @0xalsr\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2021-1816: Tielei Wang of Pangu Lab\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1851: @0xalsr\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Copied files may not have the expected file permissions\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2021-1832: an anonymous researcher\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to disclose kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30660: Alex Plaskett\n\n**libxpc**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2021-30652: James Hutchins\n\n**libxslt**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted file may lead to heap corruption\n\nDescription: A double free issue was addressed with improved memory management.\n\nCVE-2021-1875: Found by OSS-Fuzz\n\n**MobileInstallation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-1822: Bruno Virlet of The Grizzly Labs\n\n**Preferences**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A parsing issue in the handling of directory paths was addressed with improved path validation.\n\nCVE-2021-1815: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nCVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nCVE-2021-1740: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\n**Tailspin**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1868: Tim Michaud of Zoom Communications\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1844: Cl\u00e9ment Lecigne of Google\u2019s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to a cross site scripting attack\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2021-1825: Alex Camboe of Aon\u2019s Cyber Solutions\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-1817: zhunki\n\nEntry updated May 6, 2021\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-1826: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1820: Andr\u00e9 Bargull\n\nEntry updated May 6, 2021\n\n**WebKit Storage**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-30661: yangkang(@dnpushme) of 360 ATA\n\n**WebRTC**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A use after free issue was addressed with improved memory management\n\nDescription: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.\n\nCVE-2020-7463: Megan2013678\n\nEntry added July 21, 2021 \n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A logic issue was addressed with improved state management\n\nDescription: A buffer overflow may result in arbitrary code execution.\n\nCVE-2021-1770: Jiska Classen (@naehrdine) of Secure Mobile Networking Lab, TU Darmstadt\n\nEntry added July 21, 2021 \n\n\n\n## Additional recognition\n\n**Assets**\n\nWe would like to acknowledge Cees Elzinga for their assistance.\n\nEntry added May 6, 2021\n\n**CoreAudio**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added May 6, 2021\n\n**CoreCrypto**\n\nWe would like to acknowledge Andy Russon of Orange Group for their assistance.\n\nEntry added May 6, 2021\n\n**Foundation**\n\nWe would like to acknowledge CodeColorist of Ant-Financial LightYear Labs for their assistance.\n\nEntry added May 6, 2021\n\n**Kernel**\n\nWe would like to acknowledge Antonio Frighetto of Politecnico di Milano, GRIMM, Keyu Man, Zhiyun Qian, Zhongjie Wang, Xiaofeng Zheng, Youjun Huang, Haixin Duan, Mikko Kentt\u00e4l\u00e4 ( @Turmio_ ) of SensorFu, Proteas, and Tielei Wang of Pangu Lab for their assistance.\n\nEntry added May 6, 2021\n\n**Security**\n\nWe would like to acknowledge Xingwei Lin of Ant Security Light-Year Lab and john (@nyan_satan) for their assistance.\n\nEntry added May 6, 2021\n\n**sysdiagnose**\n\nWe would like to acknowledge Tim Michaud (@TimGMichaud) of Leviathan for their assistance.\n\nEntry added May 6, 2021\n\n**WebKit**\n\nWe would like to acknowledge Emilio Cobos \u00c1lvarez of Mozilla for their assistance.\n\nEntry added May 6, 2021\n\n**WebSheet**\n\nWe would like to acknowledge Patrick Clover (independent researcher) for their assistance.\n\nEntry added May 6, 2021\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 21, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-26T00:00:00", "type": "apple", "title": "About the security content of tvOS 14.5", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7463", "CVE-2021-1739", "CVE-2021-1740", "CVE-2021-1770", "CVE-2021-1808", "CVE-2021-1809", "CVE-2021-1811", "CVE-2021-1813", "CVE-2021-1815", "CVE-2021-1816", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1822", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1832", "CVE-2021-1836", "CVE-2021-1843", "CVE-2021-1844", "CVE-2021-1846", "CVE-2021-1849", "CVE-2021-1851", "CVE-2021-1857", "CVE-2021-1858", "CVE-2021-1860", "CVE-2021-1864", "CVE-2021-1868", "CVE-2021-1875", "CVE-2021-1881", "CVE-2021-1882", "CVE-2021-1883", "CVE-2021-1884", "CVE-2021-1885", "CVE-2021-30652", "CVE-2021-30653", "CVE-2021-30660", "CVE-2021-30661", "CVE-2021-30664", "CVE-2021-30743", "CVE-2021-30752", "CVE-2021-30764"], "modified": "2021-04-26T00:00:00", "id": "APPLE:D1804CFB5985973BEAA4CE367152D5F6", "href": "https://support.apple.com/kb/HT212323", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-28T22:05:18", "description": "# About the security content of watchOS 7.4\n\nThis document describes the security content of watchOS 7.4.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## watchOS 7.4\n\nReleased April 26, 2021\n\n**AppleMobileFileIntegrity**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to bypass Privacy preferences\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2021-1849: Siguza\n\n**Audio**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An application may be able to read restricted memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab\n\n**CFNetwork**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1857: an anonymous researcher\n\n**Compression**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An out-of-bounds read was addressed with improved input validation\n\nDescription: Processing a maliciously crafted image may lead to arbitrary code execution.\n\nCVE-2021-30752: Ye Zhang (@co0py_Cat) of Baidu Security\n\nEntry added July 21, 2021 \n\n**CoreAudio**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-30664: JunDong Xie of Ant Security Light-Year Lab\n\nEntry added May 6, 2021\n\n**CoreAudio**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1846: JunDong Xie of Ant Security Light-Year Lab\n\n**CoreAudio**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab\n\n**CoreFoundation**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to leak sensitive user information\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-30659: Thijs Alkemade of Computest\n\n**CoreText**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab\n\n**FaceTime**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Muting a CallKit call while ringing may not result in mute being enabled\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1872: Siraj Zaneer of Facebook\n\n**FontParser**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1881: an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi (@hjy79425575) of Qihoo 360\n\n**Foundation**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1882: Gabe Kirkpatrick (@gabe_k)\n\n**Foundation**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-1813: Cees Elzinga\n\n**Heimdal**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted server messages may lead to heap corruption\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-1883: Gabe Kirkpatrick (@gabe_k)\n\n**Heimdal**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A race condition was addressed with improved locking.\n\nCVE-2021-1884: Gabe Kirkpatrick (@gabe_k)\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-1880: Xingwei Lin of Ant Security Light-Year Lab\n\nCVE-2021-30653: Ye Zhang of Baidu Security\n\nCVE-2021-1814: Ye Zhang of Baidu Security, Mickey Jin &amp; Qi Sun of Trend Micro, and Xingwei Lin of Ant Security Light-Year Lab\n\nCVE-2021-1843: Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-1885: CFF of Topsec Alpha Team\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-1858: Mickey Jin of Trend Micro\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An out-of-bounds write was addressed with improved input validation\n\nDescription: Processing a maliciously crafted image may lead to arbitrary code execution.\n\nCVE-2021-30743: Ye Zhang (@co0py_Cat) of Baidu Security, Jzhu working with Trend Micro Zero Day Initiative, Xingwei Lin of Ant Security Light-Year Lab, CFF of Topsec Alpha Team, Jeonghoon Shin (@singi21a) of THEORI working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: This issue was addressed with improved checks\n\nDescription: Processing a maliciously crafted file may lead to arbitrary code execution.\n\nCVE-2021-30764: Anonymous working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021 \n\n**iTunes Store**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An attacker with JavaScript execution may be able to execute arbitrary code\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-1864: CodeColorist of Ant-Financial LightYear Labs\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to disclose kernel memory\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1860: @0xalsr\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2021-1816: Tielei Wang of Pangu Lab\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1851: @0xalsr\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Copied files may not have the expected file permissions\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2021-1832: an anonymous researcher\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to disclose kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30660: Alex Plaskett\n\n**libxpc**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2021-30652: James Hutchins\n\n**libxslt**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted file may lead to heap corruption\n\nDescription: A double free issue was addressed with improved memory management.\n\nCVE-2021-1875: Found by OSS-Fuzz\n\n**MobileInstallation**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-1822: Bruno Virlet of The Grizzly Labs\n\n**Preferences**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A parsing issue in the handling of directory paths was addressed with improved path validation.\n\nCVE-2021-1815: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nCVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nCVE-2021-1740: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\n**Safari**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A local user may be able to write arbitrary files\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2021-1807: David Sch\u00fctz (@xdavidhu)\n\n**Tailspin**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1868: Tim Michaud of Zoom Communications\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to a cross site scripting attack\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2021-1825: Alex Camboe of Aon\u2019s Cyber Solutions\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-1817: zhunki\n\nEntry updated May 6, 2021\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-1826: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1820: Andr\u00e9 Bargull\n\nEntry updated May 6, 2021\n\n**WebKit Storage**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-30661: yangkang(@dnpushme) of 360 ATA\n\n**WebRTC**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A use after free issue was addressed with improved memory management\n\nDescription: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.\n\nCVE-2020-7463: Megan2013678\n\nEntry added July 21, 2021 \n\n**Wi-Fi**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A logic issue was addressed with improved state management\n\nDescription: A buffer overflow may result in arbitrary code execution.\n\nCVE-2021-1770: Jiska Classen (@naehrdine) of Secure Mobile Networking Lab, TU Darmstadt\n\nEntry added July 21, 2021\n\n\n\n## Additional recognition\n\n**AirDrop**\n\nWe would like to acknowledge @maxzks for their assistance.\n\n**CoreAudio**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**CoreCrypto**\n\nWe would like to acknowledge Andy Russon of Orange Group for their assistance.\n\n**File Bookmark**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Foundation**\n\nWe would like to acknowledge CodeColorist of Ant-Financial LightYear Labs for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Antonio Frighetto of Politecnico di Milano, GRIMM, Keyu Man, Zhiyun Qian, Zhongjie Wang, Xiaofeng Zheng, Youjun Huang, Haixin Duan, Mikko Kentt\u00e4l\u00e4 ( @Turmio_ ) of SensorFu, Proteas, and Tielei Wang of Pangu Lab for their assistance.\n\n**Security**\n\nWe would like to acknowledge Xingwei Lin of Ant Security Light-Year Lab and john (@nyan_satan) for their assistance.\n\n**sysdiagnose**\n\nWe would like to acknowledge Tim Michaud (@TimGMichaud) of Leviathan for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Emilio Cobos \u00c1lvarez of Mozilla for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 21, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-26T00:00:00", "type": "apple", "title": "About the security content of watchOS 7.4", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7463", "CVE-2021-1739", "CVE-2021-1740", "CVE-2021-1770", "CVE-2021-1807", "CVE-2021-1808", "CVE-2021-1809", "CVE-2021-1811", "CVE-2021-1813", "CVE-2021-1814", "CVE-2021-1815", "CVE-2021-1816", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1822", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1832", "CVE-2021-1843", "CVE-2021-1846", "CVE-2021-1849", "CVE-2021-1851", "CVE-2021-1857", "CVE-2021-1858", "CVE-2021-1860", "CVE-2021-1864", "CVE-2021-1868", "CVE-2021-1872", "CVE-2021-1875", "CVE-2021-1880", "CVE-2021-1881", "CVE-2021-1882", "CVE-2021-1883", "CVE-2021-1884", "CVE-2021-1885", "CVE-2021-30652", "CVE-2021-30653", "CVE-2021-30659", "CVE-2021-30660", "CVE-2021-30661", "CVE-2021-30664", "CVE-2021-30743", "CVE-2021-30752", "CVE-2021-30764"], "modified": "2021-04-26T00:00:00", "id": "APPLE:48BC28AAD9E0029F9CF17E3ED0A5F181", "href": "https://support.apple.com/kb/HT212324", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T22:02:57", "description": "# About the security content of iOS 14.5 and iPadOS 14.5\n\nThis document describes the security content of iOS 14.5 and iPadOS 14.5.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iOS 14.5 and iPadOS 14.5\n\nReleased April 26, 2021\n\n**Accessibility**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A person with physical access to an iOS device may be able to access notes from the lock screen\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-1835: videosdebarraquito\n\n**App Store**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker in a privileged network position may be able to alter network traffic\n\nDescription: A certificate validation issue was addressed.\n\nCVE-2021-1837: Aapo Oksman of Nixu Cybersecurity\n\n**Apple Neural Engine**\n\nAvailable for: iPhone 8 and later, iPad Pro (3rd generation) and later, and iPad Air (3rd generation) and later\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1867: Zuozhi Fan (@pattern_F_) and Wish Wu (\u5434\u6f4d\u6d60) of Ant Group Tianqiong Security Lab\n\n**AppleMobileFileIntegrity**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to bypass Privacy preferences\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2021-1849: Siguza\n\n**Assets**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local user may be able to create or modify privileged files\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-1836: an anonymous researcher\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to read restricted memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: A memory consumption issue was addressed with improved memory handling.\n\nCVE-2021-30742: Mickey Jin of Trend Micro working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021 \n\n**CFNetwork**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1857: an anonymous researcher\n\n**Compression**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-30752: Ye Zhang(@co0py_Cat) of Baidu Security\n\nEntry added May 28, 2021\n\n**CoreAudio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-30664: JunDong Xie of Ant Security Light-Year Lab\n\nEntry added May 28, 2021\n\n**CoreAudio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-30664: JunDong Xie of Ant Security Light-Year Lab\n\nEntry added May 6, 2021\n\n**CoreAudio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1846: JunDong Xie of Ant Security Light-Year Lab\n\n**CoreAudio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab\n\n**CoreFoundation**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to leak sensitive user information\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-30659: Thijs Alkemade of Computest\n\n**Core Motion**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2021-1812: Siddharth Aeri (@b1n4r1b01)\n\nEntry added May 28, 2021\n\n**CoreText**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab\n\n**FaceTime**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Muting a CallKit call while ringing may not result in mute being enabled\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1872: Siraj Zaneer of Facebook\n\n**FontParser**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1881: an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi (@hjy79425575) of Qihoo 360\n\n**Foundation**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1882: Gabe Kirkpatrick (@gabe_k)\n\n**Foundation**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-1813: Cees Elzinga\n\n**GPU Drivers**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An access issue was addressed with improved memory management.\n\nCVE-2021-30656: Justin Sherman of University of Maryland, Baltimore County\n\n**Heimdal**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted server messages may lead to heap corruption\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-1883: Gabe Kirkpatrick (@gabe_k)\n\n**Heimdal**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A race condition was addressed with improved locking.\n\nCVE-2021-1884: Gabe Kirkpatrick (@gabe_k)\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write was addressed with improved input validation.\n\nCVE-2021-30743: CFF of Topsec Alpha Team, Ye Zhang(@co0py_Cat) of Baidu Security, and Jeonghoon Shin(@singi21a) of THEORI working with Trend Micro Zero Day Initiative\n\nEntry added May 28, 2021\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-1885: CFF of Topsec Alpha Team\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30653: Ye Zhang of Baidu Security\n\nCVE-2021-1843: Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-1858: Mickey Jin of Trend Micro\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted file may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30764: Anonymous working with Trend Micro Zero Day Initiative\n\nCVE-2021-30662: Anonymous working with Trend Micro Zero Day Initiative, Jzhu working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021 \n\n**iTunes Store**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker with JavaScript execution may be able to execute arbitrary code\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-1864: CodeColorist of Ant-Financial LightYear Labs\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local user may be able to read kernel memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1877: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab\n\nCVE-2021-1852: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab\n\nCVE-2021-1830: Tielei Wang of Pangu Lab\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1874: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab\n\nCVE-2021-1851: @0xalsr\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to disclose kernel memory\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1860: @0xalsr\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2021-1816: Tielei Wang of Pangu Lab\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Copied files may not have the expected file permissions\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2021-1832: an anonymous researcher\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to disclose kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30660: Alex Plaskett\n\n**libxpc**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2021-30652: James Hutchins\n\n**libxslt**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted file may lead to heap corruption\n\nDescription: A double free issue was addressed with improved memory management.\n\nCVE-2021-1875: Found by OSS-Fuzz\n\n**MobileAccessoryUpdater**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-1833: Cees Elzinga\n\nEntry added May 28, 2021\n\n**MobileInstallation**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-1822: Bruno Virlet of The Grizzly Labs\n\n**Password Manager**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A user's password may be visible onscreen\n\nDescription: An issue obscuring passwords in screenshots was addressed with improved logic.\n\nCVE-2021-1865: Shibin B Shaji of UST\n\n**Preferences**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A parsing issue in the handling of directory paths was addressed with improved path validation.\n\nCVE-2021-1815: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nCVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nCVE-2021-1740: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\n**Quick Response**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A person with physical access to an iOS device may be able to place phone calls to any phone number\n\nDescription: An issue existed with authenticating the action triggered by an NFC tag. The issue was addressed with improved action authentication.\n\nCVE-2021-1863: REFHAN OZGORUR\n\nEntry added May 28, 2021\n\n**Safari**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local user may be able to write arbitrary files\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2021-1807: David Sch\u00fctz (@xdavidhu)\n\n**Shortcuts**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may allow shortcuts to access restricted files\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2021-1831: Bouke van der Bijl\n\n**Siri**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An issue with Siri search access to information was addressed with improved logic\n\nDescription: A person with physical access may be able to access contacts.\n\nCVE-2021-1862: Anshraj Srivastava (@AnshrajSrivas14) of UKEF\n\nEntry added May 6, 2021, updated July 21, 2021 \n\n**Tailspin**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1868: Tim Michaud of Zoom Communications\n\n**TCC**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to leak sensitive user information\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-30659: Thijs Alkemade of Computest\n\nEntry added May 28, 2021\n\n**Telephony**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A legacy cellular network can automatically answer an incoming call when an ongoing call ends or drops. \n\nDescription: A call termination issue with was addressed with improved logic.\n\nCVE-2021-1854: Steven Thorne of Cspire\n\n**UIKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A user's password may be visible onscreen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30921: Maximilian Blochberger of the Security in Distributed Systems Group of University of Hamburg\n\nEntry added January 19, 2022\n\n**Wallet**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local user may be able to view sensitive information in the app switcher\n\nDescription: The issue was addressed with improved UI handling.\n\nCVE-2021-1848: Bradley D\u2019Amato of ActionIQ\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to a cross site scripting attack\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2021-1825: Alex Camboe of Aon\u2019s Cyber Solutions\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-1817: zhunki\n\nEntry updated May 6, 2021\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-1826: an anonymous researcher\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1820: Andr\u00e9 Bargull\n\nEntry updated May 6, 2021\n\n**WebKit Storage**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-30661: yangkang(@dnpushme) of 360 ATA\n\n**WebRTC**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-7463: Megan2013678\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A buffer overflow may result in arbitrary code execution\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1770: Jiska Classen (@naehrdine) of Secure Mobile Networking Lab, TU Darmstadt\n\nEntry added May 28, 2021\n\n\n\n## Additional recognition\n\n**Accounts Framework**\n\nWe would like to acknowledge Ellougani Mohamed of Dr.Phones Recycle Inc. for their assistance.\n\nEntry added May 6, 2021\n\n**AirDrop**\n\nWe would like to acknowledge @maxzks for their assistance.\n\nEntry added May 6, 2021\n\n**Assets**\n\nWe would like to acknowledge Cees Elzinga for their assistance.\n\nEntry added May 6, 2021\n\n**CoreAudio**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added May 6, 2021\n\n**CoreCrypto**\n\nWe would like to acknowledge Andy Russon of Orange Group for their assistance.\n\nEntry added May 6, 2021\n\n**File Bookmark**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added May 6, 2021\n\n**Files**\n\nWe would like to acknowledge Omar Espino (omespino.com) for their assistance.\n\nEntry added May 25, 2022\n\n**Foundation**\n\nWe would like to acknowledge CodeColorist of Ant-Financial LightYear Labs for their assistance.\n\nEntry added May 6, 2021\n\n**Kernel**\n\nWe would like to acknowledge Antonio Frighetto of Politecnico di Milano, GRIMM, Keyu Man, Zhiyun Qian, Zhongjie Wang, Xiaofeng Zheng, Youjun Huang, Haixin Duan, Mikko Kentt\u00e4l\u00e4 ( @Turmio_ ) of SensorFu, Proteas, Tielei Wang of Pangu Lab, and Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab for their assistance.\n\nEntry added May 6, 2021\n\n**Mail**\n\nWe would like to acknowledge Lauritz Holtmann (@_lauritz_), Muhammed Korany (facebook.com/MohamedMoustafa4), and Yi\u011fit Can YILMAZ (@yilmazcanyigit) for their assistance.\n\nEntry added May 6, 2021\n\n**NetworkExtension**\n\nWe would like to acknowledge Fabian Hartmann for their assistance.\n\nEntry added May 6, 2021\n\n**Safari Private Browsing**\n\nWe would like to acknowledge Dor Kahana and Griddaluru Veera Pranay Naidu for their assistance.\n\nEntry added May 6, 2021\n\n**Security**\n\nWe would like to acknowledge Xingwei Lin of Ant Security Light-Year Lab and john (@nyan_satan) for their assistance.\n\nEntry added May 6, 2021\n\n**sysdiagnose**\n\nWe would like to acknowledge Tim Michaud (@TimGMichaud) of Leviathan for their assistance.\n\nEntry added May 6, 2021\n\n**WebKit**\n\nWe would like to acknowledge Emilio Cobos \u00c1lvarez of Mozilla for their assistance.\n\nEntry added May 6, 2021\n\n**WebSheet**\n\nWe would like to acknowledge Patrick Clover for their assistance.\n\nEntry added May 6, 2021\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: May 25, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-26T00:00:00", "type": "apple", "title": "About the security content of iOS 14.5 and iPadOS 14.5", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7463", "CVE-2021-1739", "CVE-2021-1740", "CVE-2021-1770", "CVE-2021-1807", "CVE-2021-1808", "CVE-2021-1809", "CVE-2021-1811", "CVE-2021-1812", "CVE-2021-1813", "CVE-2021-1815", "CVE-2021-1816", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1822", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1830", "CVE-2021-1831", "CVE-2021-1832", "CVE-2021-1833", "CVE-2021-1835", "CVE-2021-1836", "CVE-2021-1837", "CVE-2021-1843", "CVE-2021-1846", "CVE-2021-1848", "CVE-2021-1849", "CVE-2021-1851", "CVE-2021-1852", "CVE-2021-1854", "CVE-2021-1857", "CVE-2021-1858", "CVE-2021-1860", "CVE-2021-1862", "CVE-2021-1863", "CVE-2021-1864", "CVE-2021-1865", "CVE-2021-1867", "CVE-2021-1868", "CVE-2021-1872", "CVE-2021-1874", "CVE-2021-1875", "CVE-2021-1877", "CVE-2021-1881", "CVE-2021-1882", "CVE-2021-1883", "CVE-2021-1884", "CVE-2021-1885", "CVE-2021-30652", "CVE-2021-30653", "CVE-2021-30656", "CVE-2021-30659", "CVE-2021-30660", "CVE-2021-30661", "CVE-2021-30662", "CVE-2021-30664", "CVE-2021-30742", "CVE-2021-30743", "CVE-2021-30752", "CVE-2021-30764", "CVE-2021-30921"], "modified": "2021-04-26T00:00:00", "id": "APPLE:CA6473609072D4746735999863BFAC33", "href": "https://support.apple.com/kb/HT212317", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T22:02:56", "description": "# About the security content of macOS Big Sur 11.3\n\nThis document describes the security content of macOS Big Sur 11.3.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## macOS Big Sur 11.3\n\nReleased April 26, 2021\n\n**APFS**\n\nAvailable for: macOS Big Sur\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1853: Gary Nield of ECSC Group plc and Tim Michaud(@TimGMichaud) of Zoom Video Communications\n\n**AppleMobileFileIntegrity**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to bypass Privacy preferences\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2021-1849: Siguza\n\n**Apple Neural Engine**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1867: Zuozhi Fan (@pattern_F_) and Wish Wu(\u5434\u6f4d\u6d60) of Ant Group Tianqiong Security Lab\n\n**Archive Utility**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may bypass Gatekeeper checks\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1810: Rasmus Sten (@pajp) of F-Secure\n\nEntry updated on April 27, 2021 \n\n**Audio**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to read restricted memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab\n\n**CFNetwork**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1857: an anonymous researcher\n\n**Compression**\n\nAvailable for: macOS Big Sur\n\nImpact: An out-of-bounds read was addressed with improved input validation\n\nDescription: Processing a maliciously crafted image may lead to arbitrary code execution.\n\nCVE-2021-30752: Ye Zhang (@co0py_Cat) of Baidu Security\n\nEntry added July 21, 2021 \n\n**CoreAudio**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-30664: JunDong Xie of Ant Security Light-Year Lab\n\nEntry added May 6, 2021\n\n**CoreAudio**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1846: JunDong Xie of Ant Security Light-Year Lab\n\n**CoreAudio**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab\n\n**CoreFoundation**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to leak sensitive user information\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-30659: Thijs Alkemade of Computest\n\n**CoreGraphics**\n\nAvailable for: macOS Big Sur\n\nImpact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1847: Xuwei Liu of Purdue University\n\n**CoreText**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab\n\n**curl**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious server may be able to disclose active services\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2020-8284: Marian Rehak\n\nEntry added May 6, 2021\n\n**curl**\n\nAvailable for: macOS Big Sur\n\nImpact: An attacker may provide a fraudulent OCSP response that would appear valid\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2020-8286: an anonymous researcher\n\n**curl**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A buffer overflow was addressed with improved input validation.\n\nCVE-2020-8285: xnynx\n\n**DiskArbitration**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to modify protected parts of the file system\n\nDescription: A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks.\n\nCVE-2021-1784: Mikko Kentt\u00e4l\u00e4 (@Turmio_) of SensorFu, Csaba Fitzl (@theevilbit) of Offensive Security, and an anonymous researcher\n\n**FaceTime**\n\nAvailable for: macOS Big Sur\n\nImpact: Muting a CallKit call while ringing may not result in mute being enabled\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1872: Siraj Zaneer of Facebook\n\n**FontParser**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-1881: an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi (@hjy79425575) of Qihoo 360\n\n**Foundation**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1882: Gabe Kirkpatrick (@gabe_k)\n\n**Foundation**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-1813: Cees Elzinga\n\n**Heimdal**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted server messages may lead to heap corruption\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-1883: Gabe Kirkpatrick (@gabe_k)\n\n**Heimdal**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A race condition was addressed with improved locking.\n\nCVE-2021-1884: Gabe Kirkpatrick (@gabe_k)\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-1880: Xingwei Lin of Ant Security Light-Year Lab\n\nCVE-2021-30653: Ye Zhang of Baidu Security\n\nCVE-2021-1814: Ye Zhang of Baidu Security, Mickey Jin &amp; Qi Sun of Trend Micro, and Xingwei Lin of Ant Security Light-Year Lab\n\nCVE-2021-1843: Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-1885: CFF of Topsec Alpha Team\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-1858: Mickey Jin of Trend Micro\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: An out-of-bounds write was addressed with improved input validation\n\nDescription: Processing a maliciously crafted image may lead to arbitrary code execution.\n\nCVE-2021-30743: Ye Zhang (@co0py_Cat) of Baidu Security, CFF of Topsec Alpha Team, Jzhu working with Trend Micro Zero Day Initiative, Xingwei Lin of Ant Security Light-Year Lab, CFF of Topsec Alpha Team, Jeonghoon Shin (@singi21a) of THEORI working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021 \n\n**Installer**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may bypass Gatekeeper checks\n\nDescription: This issue was addressed with improved handling of file metadata.\n\nCVE-2021-30658: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-1841: Jack Dates of RET2 Systems, Inc.\n\nCVE-2021-1834: ABC Research s.r.o. working with Trend Micro Zero Day Initiative\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to disclose kernel memory\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1860: @0xalsr\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1840: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1851: @0xalsr\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: Copied files may not have the expected file permissions\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2021-1832: an anonymous researcher\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to disclose kernel memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30660: Alex Plaskett\n\n**libxpc**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2021-30652: James Hutchins\n\n**libxslt**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted file may lead to heap corruption\n\nDescription: A double free issue was addressed with improved memory management.\n\nCVE-2021-1875: Found by OSS-Fuzz\n\n**Login Window**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application with root privileges may be able to access private information\n\nDescription: This issue was addressed with improved entitlements.\n\nCVE-2021-1824: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\n**Notes**\n\nAvailable for: macOS Big Sur\n\nImpact: Locked Notes content may have been unexpectedly unlocked\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1859: Syed Ali Shuja (@SyedAliShuja) of Colour King Pvt. Ltd\n\n**NSRemoteView**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-1876: Matthew Denton of Google Chrome\n\n**Preferences**\n\nAvailable for: macOS Big Sur\n\nImpact: A local user may be able to modify protected parts of the file system\n\nDescription: A parsing issue in the handling of directory paths was addressed with improved path validation.\n\nCVE-2021-1815: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nCVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nCVE-2021-1740: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\n**Safari**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious website may be able to track users by setting state in a cache\n\nDescription: An issue existed in determining cache occupancy. The issue was addressed through improved logic.\n\nCVE-2021-1861: Konstantinos Solomos of University of Illinois at Chicago\n\n**Safari**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious website may be able to force unnecessary network connections to fetch its favicon\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1855: H\u00e5vard Mikkelsen Ottestad of HASMAC AS\n\n**SampleAnalysis**\n\nAvailable for: macOS Big Sur\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1868: Tim Michaud of Zoom Communications\n\n**Sandbox**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to access the user's recent contacts\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2021-30750: Csaba Fitzl (@theevilbit) of Offensive Security\n\nEntry added May 28, 2021\n\n**smbx**\n\nAvailable for: macOS Big Sur\n\nImpact: An attacker in a privileged network position may be able to leak sensitive user information\n\nDescription: An integer overflow was addressed with improved input validation.\n\nCVE-2021-1878: Aleksandar Nikolic of Cisco Talos (talosintelligence.com)\n\n**System Preferences**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30657: Cedric Owens (@cedowens)\n\nEntry added April 27, 2021, updated April 30, 2021\n\n**TCC**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences\n\nDescription: This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions.\n\nCVE-2021-30856: Csaba Fitzl (@theevilbit) of Offensive Security, Andy Grant of Zoom Video Communications, Thijs Alkemade of Computest Research Division, Wojciech Regu\u0142a of SecuRing (wojciechregula.blog), Cody Thomas of SpecterOps, Mickey Jin of Trend Micro\n\nEntry added January 19, 2022, updated May 25, 2022 \n\n**tcpdump**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2020-8037: an anonymous researcher\n\n**Time Machine**\n\nAvailable for: macOS Big Sur\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2021-1839: Tim Michaud(@TimGMichaud) of Zoom Video Communications and Gary Nield of ECSC Group plc\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to a cross site scripting attack\n\nDescription: An input validation issue was addressed with improved input validation.\n\nCVE-2021-1825: Alex Camboe of Aon\u2019s Cyber Solutions\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-1817: zhunki\n\nEntry updated May 6, 2021\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-1826: an anonymous researcher\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may result in the disclosure of process memory\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2021-1820: Andr\u00e9 Bargull\n\nEntry updated May 6, 2021\n\n**WebKit Storage**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-30661: yangkang(@dnpushme) of 360 ATA\n\n**WebRTC**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-7463: Megan2013678\n\n**Wi-Fi**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-1828: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab\n\n**Wi-Fi**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved state handling.\n\nCVE-2021-1829: Tielei Wang of Pangu Lab\n\n**Wi-Fi**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2021-30655: Gary Nield of ECSC Group plc and Tim Michaud(@TimGMichaud) of Zoom Video Communications and Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\n**Wi-Fi**\n\nAvailable for: macOS Big Sur\n\nImpact: A logic issue was addressed with improved state management\n\nDescription: A buffer overflow may result in arbitrary code execution.\n\nCVE-2021-1770: Jiska Classen (@naehrdine) of Secure Mobile Networking Lab, TU Darmstadt\n\nEntry added July 21, 2021 \n\n**WindowServer**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to unexpectedly leak a user's credentials from secure text fields\n\nDescription: An API issue in Accessibility TCC permissions was addressed with improved state management.\n\nCVE-2021-1873: an anonymous researcher\n\n\n\n## Additional recognition\n\n**AirDrop**\n\nWe would like to acknowledge @maxzks for their assistance.\n\nEntry added May 6, 2021\n\n**CoreAudio**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added May 6, 2021\n\n**CoreCrypto**\n\nWe would like to acknowledge Andy Russon of Orange Group for their assistance.\n\nEntry added May 6, 2021\n\n**File Bookmark**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nEntry added May 6, 2021\n\n**Foundation**\n\nWe would like to acknowledge CodeColorist of Ant-Financial LightYear Labs for their assistance.\n\nEntry added May 6, 2021\n\n**Kernel**\n\nWe would like to acknowledge Antonio Frighetto of Politecnico di Milano, GRIMM, Keyu Man, Zhiyun Qian, Zhongjie Wang, Xiaofeng Zheng, Youjun Huang, Haixin Duan, Mikko Kentt\u00e4l\u00e4 ( @Turmio_ ) of SensorFu, and Proteas for their assistance.\n\nEntry added May 6, 2021\n\n**Mail**\n\nWe would like to acknowledge Petter Flink, SecOps of Bonnier News and an anonymous researcher for their assistance.\n\nEntry added May 6, 2021\n\n**Safari**\n\nWe would like to acknowledge Sahil Mehra (Nullr3x) &amp; Shivam Kamboj Dattana (Sechunt3r) for their assistance.\n\nEntry added May 6, 2021\n\n**Security**\n\nWe would like to acknowledge Xingwei Lin of Ant Security Light-Year Lab and john (@nyan_satan) for their assistance.\n\nEntry added May 6, 2021\n\n**sysdiagnose**\n\nWe would like to acknowledge Tim Michaud (@TimGMichaud) of Leviathan for their assistance.\n\nEntry added May 6, 2021\n\n**WebKit**\n\nWe would like to acknowledge Emilio Cobos \u00c1lvarez of Mozilla for their assistance.\n\nEntry added May 6, 2021\n\n**WebSheet**\n\nWe would like to acknowledge Patrick Clover for their assistance.\n\nEntry added May 6, 2021\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: May 25, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-26T00:00:00", "type": "apple", "title": "About the security content of macOS Big Sur 11.3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7463", "CVE-2020-8037", "CVE-2020-8284", "CVE-2020-8285", "CVE-2020-8286", "CVE-2021-1739", "CVE-2021-1740", "CVE-2021-1770", "CVE-2021-1784", "CVE-2021-1808", "CVE-2021-1809", "CVE-2021-1810", "CVE-2021-1811", "CVE-2021-1813", "CVE-2021-1814", "CVE-2021-1815", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1824", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1828", "CVE-2021-1829", "CVE-2021-1832", "CVE-2021-1834", "CVE-2021-1839", "CVE-2021-1840", "CVE-2021-1841", "CVE-2021-1843", "CVE-2021-1846", "CVE-2021-1847", "CVE-2021-1849", "CVE-2021-1851", "CVE-2021-1853", "CVE-2021-1855", "CVE-2021-1857", "CVE-2021-1858", "CVE-2021-1859", "CVE-2021-1860", "CVE-2021-1861", "CVE-2021-1867", "CVE-2021-1868", "CVE-2021-1872", "CVE-2021-1873", "CVE-2021-1875", "CVE-2021-1876", "CVE-2021-1878", "CVE-2021-1880", "CVE-2021-1881", "CVE-2021-1882", "CVE-2021-1883", "CVE-2021-1884", "CVE-2021-1885", "CVE-2021-30652", "CVE-2021-30653", "CVE-2021-30655", "CVE-2021-30657", "CVE-2021-30658", "CVE-2021-30659", "CVE-2021-30660", "CVE-2021-30661", "CVE-2021-30664", "CVE-2021-30743", "CVE-2021-30750", "CVE-2021-30752", "CVE-2021-30856"], "modified": "2021-04-26T00:00:00", "id": "APPLE:2A32C0762786DF36357D645066CDC600", "href": "https://support.apple.com/kb/HT212325", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2022-11-08T06:10:02", "description": "An update that fixes 43 vulnerabilities is now available.\n\nDescription:\n\n This update for webkit2gtk3 fixes the following issues:\n\n - Update to version 2.34.3 (bsc#1194019).\n - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced\n Content Security Policy when processing maliciously crafted web content.\n - CVE-2021-30890: Fixed logic issue allowing universal cross site\n scripting when processing maliciously crafted web content.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-182=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-01-25T00:00:00", "type": "suse", "title": "Security update for webkit2gtk3 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2022-01-25T00:00:00", "id": "OPENSUSE-SU-2022:0182-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FK6EK2KGH7KDPXCBN2Q3SSAVOCIXNCFX/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-18T12:39:45", "description": "An update that fixes 43 vulnerabilities is now available.\n\nDescription:\n\n This update for webkit2gtk3 fixes the following issues:\n\n - Update to version 2.34.3 (bsc#1194019).\n - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced\n Content Security Policy when processing maliciously crafted web content.\n - CVE-2021-30890: Fixed logic issue allowing universal cross site\n scripting when processing maliciously crafted web content.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-182=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-02-17T00:00:00", "type": "suse", "title": "Security update for webkit2gtk3 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2022-02-17T00:00:00", "id": "OPENSUSE-SU-2022:0182-2", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IILRBHE4XKYN4SZKE6UX55V3HK54NAIK/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2023-05-27T14:58:14", "description": "### Background\n\nWebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. \n\n### Description\n\nMultiple vulnerabilities have been discovered in WebkitGTK+. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker, by enticing a user to visit maliciously crafted web content, may be able to execute arbitrary code, violate iframe sandboxing policy, access restricted ports on arbitrary servers, cause memory corruption, or could cause a Denial of Service condition.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll WebkitGTK+ users should upgrade to the latest version:\n \n \n \t\t\t# emerge --sync\n \t\t\t# emerge --ask --oneshot --verbose \">=net-libs/webkit-gtk-2.34.4\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-01T00:00:00", "type": "gentoo", "title": "WebkitGTK+: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-30661", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897", "CVE-2021-30934", "CVE-2021-30936", "CVE-2021-30951", "CVE-2021-30952", "CVE-2021-30953", "CVE-2021-30954", "CVE-2021-30984", "CVE-2021-42762", "CVE-2021-45482"], "modified": "2022-02-01T00:00:00", "id": "GLSA-202202-01", "href": "https://security.gentoo.org/glsa/202202-01", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ibm": [{"lastseen": "2023-06-24T06:14:14", "description": "## Summary\n\nCloud Pak for Security (CP4S) v1.7.2.0 and earlier uses packages that are vulnerable to several CVEs. These issues have been addressed in an update. See the Fixes section below for instructions. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-24332](<https://vulners.com/cve/CVE-2020-24332>) \n** DESCRIPTION: **TrouSerS could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the tscd Daemon. By using symlink attacks, an attacker could exploit this vulnerability to create or corrupt existing files. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186821](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186821>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2021-22543](<https://vulners.com/cve/CVE-2021-22543>) \n** DESCRIPTION: **Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper handling of VM_IO|VM_PFNMAP vmas in KVM. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to start and control a VM to read/write random pages of memory. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202561](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202561>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2019-9169](<https://vulners.com/cve/CVE-2019-9169>) \n** DESCRIPTION: **GNU glibc is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the proceed_next_node function in posix/regexec.c. By sending a specially-crafted argument using a case-insensitive regular-expression match, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157800](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157800>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-3450](<https://vulners.com/cve/CVE-2021-3450>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to bypass security restrictions, caused by a a missing check in the validation logic of X.509 certificate chains by the X509_V_FLAG_X509_STRICT flag. By using any valid certificate or certificate chain to sign a specially crafted certificate, an attacker could bypass the check that non-CA certificates must not be able to issue other certificates and override the default purpose. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198754](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198754>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2019-25013](<https://vulners.com/cve/CVE-2019-25013>) \n** DESCRIPTION: **GNU glibc is vulnerable to a denial of service, caused by a buffer over-read in iconv feature. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a SIGSEGV. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194579](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194579>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-13434](<https://vulners.com/cve/CVE-2020-13434>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by an integer overflow in the sqlite3_str_vappendf function. By sending a specially-crafted request, a remote attacker could overflow a buffer and cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182405](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182405>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-25648](<https://vulners.com/cve/CVE-2020-25648>) \n** DESCRIPTION: **Mozilla Network Security Services (NSS), as used in Mozilla Firefox is vulnerable to a denial of service, caused by improper handling of CCS (ChangeCipherSpec) messages in TLS. By sending specially-crafted CCS messages, a remote attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190416](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190416>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-25692](<https://vulners.com/cve/CVE-2020-25692>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending a specially crafted TCP packet, a remote attacker could exploit this vulnerability to cause slapd to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191968](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191968>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-28196](<https://vulners.com/cve/CVE-2020-28196>) \n** DESCRIPTION: **MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by an unbounded recursion flaw in lib/krb5/asn.1/asn1_encode.c. By sending a specially-crafted ASN.1-encoded Kerberos message, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191321](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191321>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-29361](<https://vulners.com/cve/CVE-2020-29361>) \n** DESCRIPTION: **p11-glue p11-kit are vulnerable to a denial of service, caused by multiple integer overflows when allocating memory for arrays of attributes and object identifiers. By sending a specially-crafted request using realloc or calloc function, an attacker could exploit this vulnerability to cause a denial of service or possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193532](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193532>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-29362](<https://vulners.com/cve/CVE-2020-29362>) \n** DESCRIPTION: **p11-glue p11-kit could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read flaw in the RPC protocol. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain up to 4 bytes of memory past the heap allocation, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193533>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-29363](<https://vulners.com/cve/CVE-2020-29363>) \n** DESCRIPTION: **p11-glue p11-kit is vulnerable to a denial of service, caused by a heap-based buffer overflow in the RPC protocol. By sending a serialized byte array in a CK_ATTRIBUTE, a remote attacker could overflow a buffer and cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193534](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193534>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8285](<https://vulners.com/cve/CVE-2020-8285>) \n** DESCRIPTION: **cURL libcurl is vulnerable to a denial of service, caused by a stack-based buffer overflow in the wildcard matching function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192855](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192855>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8286](<https://vulners.com/cve/CVE-2020-8286>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by improper OCSP response verification. By sending a specially-crafted request, an attacker could exploit this vulnerability to breach a TLS server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192856](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192856>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-8625](<https://vulners.com/cve/CVE-2020-8625>) \n** DESCRIPTION: **ISC BIND is vulnerable to a buffer overflow, caused by improper bounds checking by the SPNEGO implementation. By setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the named process to crash. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196959](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196959>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-23362](<https://vulners.com/cve/CVE-2021-23362>) \n** DESCRIPTION: **Node.js hosted-git-info module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the fromUrl function in index.js. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198792](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198792>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-2388](<https://vulners.com/cve/CVE-2021-2388>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to take control of the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205815](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205815>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-25215](<https://vulners.com/cve/CVE-2021-25215>) \n** DESCRIPTION: **ISC BIND is vulnerable to a denial of service, caused by an assertion failure while answering queries for DNAME records. By sending a query for DNAME records, an attacker could exploit this vulnerability to trigger a failed assertion check and terminate the named process. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200960](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200960>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27219](<https://vulners.com/cve/CVE-2021-27219>) \n** DESCRIPTION: **GNOME GLib could allow a remote attacker to cause a denial of service, caused by an integer overflow in the g_bytes_new function. An attacker could exploit this vulnerability to corrupt memory and cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196782](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196782>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27290](<https://vulners.com/cve/CVE-2021-27290>) \n** DESCRIPTION: **Node.js ssri module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw by the SRIs. By sending a specially-crafted regex string, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198144](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198144>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3326](<https://vulners.com/cve/CVE-2021-3326>) \n** DESCRIPTION: **GNU C Library (aka glibc or libc6) is vulnerable to a denial of service, caused by an assertion failure when processing invalid input sequences in the ISO-2022-JP-3 encoding in the iconv function. By sending specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195732](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195732>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3449](<https://vulners.com/cve/CVE-2021-3449>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in signature_algorithms processing. By sending a specially crafted renegotiation ClientHello message from a client, a remote attacker could exploit this vulnerability to cause the TLS server to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198752](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198752>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3537](<https://vulners.com/cve/CVE-2021-3537>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference flaw when parsing XML mixed content in recovery mode and post-validated. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203084](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203084>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-14502](<https://vulners.com/cve/CVE-2017-14502>) \n** DESCRIPTION: **libarchive is vulnerable to a buffer overflow, caused by improper bounds checking by the read_header function in archive_read_support_format_rar.c. By persuading a victim to open a specially-crafted RAR file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/132123](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132123>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24330](<https://vulners.com/cve/CVE-2020-24330>) \n** DESCRIPTION: **TrouSerS could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw when the tcsd daemon is started with root privileges instead of by the tss user. An attacker could exploit this vulnerability to gain root privileges on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24331](<https://vulners.com/cve/CVE-2020-24331>) \n** DESCRIPTION: **TrouSerS could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw when the tcsd daemon is started with root privileges. An attacker could exploit this vulnerability to gain read and write privileges on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186763](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186763>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24977](<https://vulners.com/cve/CVE-2020-24977>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the xmlEncodeEntitiesInternal function in libxml2/entities.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187847](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187847>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-22555](<https://vulners.com/cve/CVE-2021-22555>) \n** DESCRIPTION: **Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a heap out-of-bounds write flaw in net/netfilter/x_tables.c. By sending a specially-crafted request through user name space, an authenticated attacker could exploit this vulnerability to gain elevated privileges or cause a denial of service condition. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204997](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204997>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3516](<https://vulners.com/cve/CVE-2021-3516>) \n** DESCRIPTION: **libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in xmlEncodeEntitiesInternal() in entities.c. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202838](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202838>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3609](<https://vulners.com/cve/CVE-2021-3609>) \n** DESCRIPTION: **Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in net/can/bcm.c. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges as root. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-20305](<https://vulners.com/cve/CVE-2021-20305>) \n** DESCRIPTION: **Nettle could allow a remote attacker to bypass security restrictions, caused by a flaw related to several signature verification functions result in the Elliptic Curve Cryptography point (ECC) multiply function being invoked with out-of-range scalers. An attacker could exploit this vulnerability to force an invalid signature, causing an assertion failure or possible validation. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199653](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199653>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3517](<https://vulners.com/cve/CVE-2021-3517>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by xmlEncodeEntitiesInternal() in entities.c. By sending a specially crafted file, a remote attacker could trigger an out-of-bounds read and execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202526](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202526>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H) \n \n** CVEID: **[CVE-2021-3518](<https://vulners.com/cve/CVE-2021-3518>) \n** DESCRIPTION: **GNOME libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the xmlXIncludeDoProcess() function in xinclude.c. By sending a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203144](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203144>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H) \n \n** CVEID: **[CVE-2021-3520](<https://vulners.com/cve/CVE-2021-3520>) \n** DESCRIPTION: **lz4 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted file, an attacker could invoke memmove() on a negative size argument leading to memory corruption and trigger an out-of-bounds write or cause the library to crash. \nCVSS Base score: 8.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H) \n \n** CVEID: **[CVE-2019-18276](<https://vulners.com/cve/CVE-2019-18276>) \n** DESCRIPTION: **GNU Bash could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the disable_priv_mode in shell.c. By sending a specially-crafted command, an attacker could exploit this vulnerability to escalate privileges. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172331](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172331>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-13543](<https://vulners.com/cve/CVE-2020-13543>) \n** DESCRIPTION: **Webkit WebKitGTK could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebSocket functionality. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code or cause the application to crash. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-13584](<https://vulners.com/cve/CVE-2020-13584>) \n** DESCRIPTION: **Webkit WebKitGTK could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the ImageDecoderGStreamer functionality. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code or cause the application to crash. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192463](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192463>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14360](<https://vulners.com/cve/CVE-2020-14360>) \n** DESCRIPTION: **X.Org xserver could allow a remote authenticated attacker to gain elevated privileges on the system, caused by insufficient checks on the lengths of the XkbSetMap request. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain out-of-bounds memory access in the X server and escalate privileges. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192532](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192532>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9951](<https://vulners.com/cve/CVE-2020-9951>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebKit component. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188409>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1817](<https://vulners.com/cve/CVE-2021-1817>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200746](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200746>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30661](<https://vulners.com/cve/CVE-2021-30661>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200749](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200749>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-2432](<https://vulners.com/cve/CVE-2021-2432>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205856](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205856>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-2341](<https://vulners.com/cve/CVE-2021-2341>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Networking component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205768](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205768>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-13012](<https://vulners.com/cve/CVE-2019-13012>) \n** DESCRIPTION: **GNOME GLib could allow a local attacker to bypass security restrictions, caused by improper permission control in the keyfile settings backend. An attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166666](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166666>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-2708](<https://vulners.com/cve/CVE-2019-2708>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Berkeley DB related to the Data Store component could allow an authenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159800](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159800>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-14363](<https://vulners.com/cve/CVE-2020-14363>) \n** DESCRIPTION: **X.Org libX11 is vulnerable to a denial of service, caused by a double free in the way LibX11 handles locales. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187359](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187359>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-1971](<https://vulners.com/cve/CVE-2020-1971>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERAL_NAME_cmp function contain an EDIPARTYNAME, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192748](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192748>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-12049](<https://vulners.com/cve/CVE-2020-12049>) \n** DESCRIPTION: **D-Bus is vulnerable to a denial of service, caused by an error in _dbus_read_socket_with_unix_fds. By sending specially crafted messages, a local attacker could exploit this vulnerability to cause the system dbus-daemon (dbus-daemon --system) to leak file descriptors. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182955](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182955>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-10029](<https://vulners.com/cve/CVE-2020-10029>) \n** DESCRIPTION: **GNU C Library (aka glibc or libc6) is vulnerable to a denial of service, caused by a stack-based overflow during range reduction. A local attacker could exploit this vulnerability to cause a stack corruption, leading to a denial of service condition. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177225](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177225>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-29573](<https://vulners.com/cve/CVE-2020-29573>) \n** DESCRIPTION: **GNU C Library is vulnerable to a stack-based buffer overflow, caused by not handling non-normal x86 long double numbers gracefully for printf family functions. By sending a specially crafted value to the functions, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192722](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192722>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-8624](<https://vulners.com/cve/CVE-2020-8624>) \n** DESCRIPTION: **ISC BIND could allow a remote authenticated attacker to bypass security restrictions, caused by the failure to properly enforce the update-policy rules of type \"subdomain\". By sending a specially-crafted request, an attacker could exploit this vulnerability to update other contents of the zone. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187062](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187062>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-8617](<https://vulners.com/cve/CVE-2020-8617>) \n** DESCRIPTION: **ISC BIND is vulnerable to a denial of service, caused by a logic error in code which checks TSIG validity. A remote attacker could exploit this vulnerability to trigger an assertion failure in tsig.c. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182127](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182127>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8622](<https://vulners.com/cve/CVE-2020-8622>) \n** DESCRIPTION: **ISC BIND is vulnerable to a denial of service, caused by an assertion failure when attempting to verify a truncated response to a TSIG-signed request. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause the server to exit. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187060](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187060>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8177](<https://vulners.com/cve/CVE-2020-8177>) \n** DESCRIPTION: **cURL could allow a remote attacker to overwrite arbitrary files on the system, caused by the improper handling of certain parameters when using -J (--remote-header-name) and -I (--include) in the same command line. An attacker could exploit this vulnerability to overwrite a local file. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183931](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183931>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-20578](<https://vulners.com/cve/CVE-2021-20578>) \n** DESCRIPTION: **IBM Cloud Pak for Security (CP4S) could allow an attacker to perform unauthorized actions due to improper or missing authentication controls. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199282](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199282>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-23364](<https://vulners.com/cve/CVE-2021-23364>) \n** DESCRIPTION: **Browserslist is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) during parsing of queries. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200951](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200951>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-28469](<https://vulners.com/cve/CVE-2020-28469>) \n** DESCRIPTION: **Node.js glob-parent module is vulnerable to a denial of service. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-2369](<https://vulners.com/cve/CVE-2021-2369>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Library component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205796](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205796>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-3177](<https://vulners.com/cve/CVE-2021-3177>) \n** DESCRIPTION: **Python is vulnerable to a buffer overflow, caused by improper bounds checking by the PyCArg_repr function in _ctypes/callproc.c. By sending specially-crafted arguments to c_double.from_param, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195244](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195244>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36329](<https://vulners.com/cve/CVE-2020-36329>) \n** DESCRIPTION: **Libwebp could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in EmitFancyRGB() in dec/io_dec.c. A remote attacker could exploit this vulnerability to execute arbitrary code on the system, obtain sensitive information or cause a denial of service. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202253](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202253>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-25011](<https://vulners.com/cve/CVE-2018-25011>) \n** DESCRIPTION: **Libwebp is vulnerable to a heap-based buffer overflow, caused by improper bounds checking in function PutLE16(). By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202259](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202259>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36328](<https://vulners.com/cve/CVE-2020-36328>) \n** DESCRIPTION: **Libwebp is vulnerable to a heap-based buffer overflow, caused by improper bounds checking in function WebPDecodeRGBInto. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202254](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202254>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-25712](<https://vulners.com/cve/CVE-2020-25712>) \n** DESCRIPTION: **X.Org xserver is vulnerable to a heap-based buffer overflow, caused by insufficient checks on input of the XkbSetDeviceInfo request. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192533>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10878](<https://vulners.com/cve/CVE-2020-10878>) \n** DESCRIPTION: **Perl could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow related to the mishandling of a PL_regkind[OP(n)] == NOTHING situation. By using a specially-crafted regular expression, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183204](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183204>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10543](<https://vulners.com/cve/CVE-2020-10543>) \n** DESCRIPTION: **Perl is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the nested regular expression quantifiers. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183203](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183203>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-29894](<https://vulners.com/cve/CVE-2021-29894>) \n** DESCRIPTION: **IBM Cloud Pak for Security (CP4S) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207320](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207320>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-3842](<https://vulners.com/cve/CVE-2019-3842>) \n** DESCRIPTION: **systemd could allow a local authenticated attacker to gain elevated privileges on the system, caused by the failure to properly sanitize the environment before using the XDG_SEAT variable by pam_systemd. By spoofing an active session to PolicyKit, an authenticated attacker could exploit this vulnerability to gain additional PolicyKit privileges. \nCVSS Base score: 4.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159257](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159257>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-10228](<https://vulners.com/cve/CVE-2016-10228>) \n** DESCRIPTION: **GNU C Library (glibc) is vulnerable to a denial of service, caused by an error in the iconv program. By processing invalid multi-byte input sequences, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124078](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124078>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-27619](<https://vulners.com/cve/CVE-2020-27619>) \n** DESCRIPTION: **An unspecified error with CJK codec tests call eval() on content retrieved throug HTTP in multibytecodec_support.py in Python has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190408](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190408>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-8231](<https://vulners.com/cve/CVE-2020-8231>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by the improper handling of the CURLOPT_CONNECT_ONLY option. The raw data is sent over that connection to the wrong destination. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186954](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186954>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-8927](<https://vulners.com/cve/CVE-2020-8927>) \n** DESCRIPTION: **Brotli is vulnerable to buffer overflow. By controlling the input length of a \"one-shot\" decompression request to a script, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188304](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188304>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-2163](<https://vulners.com/cve/CVE-2021-2163>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200292](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200292>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-14347](<https://vulners.com/cve/CVE-2020-14347>) \n** DESCRIPTION: **X.Org Xserver could allow a local authenticated attacker to obtain sensitive information, caused by the failure to initialize the memory in xserverr pixmap data by the allocation for pixmap data in AllocatePixmap() function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information from heap memory, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186165](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186165>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-15358](<https://vulners.com/cve/CVE-2020-15358>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a heap-based buffer overflow in the mishandling of query-flattener optimization in select.c. By sending a specially-crafted query, a local authenticated attacker could overflow a buffer and cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-27618](<https://vulners.com/cve/CVE-2020-27618>) \n** DESCRIPTION: **GNU C Library (aka glibc or libc6) is vulnerable to a denial of service, caused by an error when processing some invalid inputs from several IBM character sets in the iconv function. By sending invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, IBM1399 encodings, a local authenticated attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196446](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196446>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23336](<https://vulners.com/cve/CVE-2021-23336>) \n** DESCRIPTION: **Python CPython could allow a remote attacker to bypass security restrictions, caused by a web cache poisoning flaw via urllib.parse.parse_qsl and urllib.parse.parse_qs. By sending a specially-crafted request parameter cloaking, an attacker could exploit this vulnerability to cause a difference in the interpretation of the request between the proxy and the server. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196808](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196808>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2020-26137](<https://vulners.com/cve/CVE-2020-26137>) \n** DESCRIPTION: **urllib3 is vulnerable to CRLF injection. By inserting CR and LF control characters in the first argument of putrequest(), a remote attacker could exploit this vulnerability to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189426](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189426>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-27783](<https://vulners.com/cve/CVE-2020-27783>) \n** DESCRIPTION: **Python LXML is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the clean module. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192644](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192644>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-1826](<https://vulners.com/cve/CVE-2021-1826>) \n** DESCRIPTION: **Apple iOS and iPadOS are vulnerable to universal cross-site scripting, caused by a logic issue in the WebIt component. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200747](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200747>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-3421](<https://vulners.com/cve/CVE-2021-3421>) \n** DESCRIPTION: **RPM Project RPM could allow a remote attacker to bypass security restrictions, caused by a flaw in the read function. By persuading a victim to install a seemingly verifiable package or compromise an RPM repository, an attacker could exploit this vulnerability to cause a corruption to the RPM database. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203124](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203124>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L) \n \n** CVEID: **[CVE-2021-27218](<https://vulners.com/cve/CVE-2021-27218>) \n** DESCRIPTION: **GNOME GLib is vulnerable to a denial of service, caused by an error when invoking g_byte_array_new_take() with a buffer of 4GB or more on a 64-bit platform. An attacker could exploit this vulnerability to cause unintended length truncation. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196784](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196784>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-33910](<https://vulners.com/cve/CVE-2021-33910>) \n** DESCRIPTION: **Systemd is vulnerable to a denial of service, caused by a memory allocation with an excessive size value in basic/unit-name.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205907](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205907>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-9948](<https://vulners.com/cve/CVE-2020-9948>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by a type confusion in the WebKit component. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188410](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188410>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-9983](<https://vulners.com/cve/CVE-2020-9983>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in the WebKit component. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188412](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188412>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-26116](<https://vulners.com/cve/CVE-2020-26116>) \n** DESCRIPTION: **Python is vulnerable to CRLF injection, caused by improper validation of user-supplied input in http.client. By inserting CR and LF control characters in the first argument of HTTPConnection.request, a remote attacker could exploit this vulnerability to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189404](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189404>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-8284](<https://vulners.com/cve/CVE-2020-8284>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by improper validation of FTP PASV responses. By persuading a victim to connect a specially-crafted server, an attacker could exploit this vulnerability to obtain sensitive information about services, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192854](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192854>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-1820](<https://vulners.com/cve/CVE-2021-1820>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by a memory initialization issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to disclose process memory. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200748](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200748>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-1825](<https://vulners.com/cve/CVE-2021-1825>) \n** DESCRIPTION: **Apple iOS and iPadOS are vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the WebKit component. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200745](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200745>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-22918](<https://vulners.com/cve/CVE-2021-22918>) \n** DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by an out-of-bounds read in the libuv's uv__idna_toascii() function. By invoking the function using dns module's lookup() function, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204784](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204784>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2021-25214](<https://vulners.com/cve/CVE-2021-25214>) \n** DESCRIPTION: **ISC BIND is vulnerable to a denial of service, caused by a broken inbound incremental zone update (IXFR). By sending a specially crafted IXFR, an attacker could exploit this vulnerability to trigger a failed assertion check and terminate the named process. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200961](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200961>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3541](<https://vulners.com/cve/CVE-2021-3541>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an exponential entity expansion attack which bypasses all existing protection mechanisms. A remote authenticated attacker could exploit this vulnerability to consume all available resources. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204818](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204818>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-13776](<https://vulners.com/cve/CVE-2020-13776>) \n** DESCRIPTION: **systemd could allow a local authenticated attacker to gain elevated privileges on the system, caused by the mishandling of numerical usernames. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges as root. \nCVSS Base score: 6.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184600](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184600>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14344](<https://vulners.com/cve/CVE-2020-14344>) \n** DESCRIPTION: **X.Org libX11 could allow a local attacker to execute arbitrary code on the system, caused by an integer overflow and signed/unsigned comparison flaws in the X Input Method (XIM) client implementation. By sending specially-crafted messages, a local attacker could exploit this vulnerability to cause a heap corruption and execute arbitrary code on the system. \nCVSS Base score: 6.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186164](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186164>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14345](<https://vulners.com/cve/CVE-2020-14345>) \n** DESCRIPTION: **X.Org server could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds access flaw in XkbSetNames. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 6.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187208](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187208>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14346](<https://vulners.com/cve/CVE-2020-14346>) \n** DESCRIPTION: **X.Org server could allow a local authenticated attacker to gain elevated privileges on the system, caused by an integer underflow in XIChangeHierarchy. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 6.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187209](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187209>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14361](<https://vulners.com/cve/CVE-2020-14361>) \n** DESCRIPTION: **X.Org server could allow a local authenticated attacker to gain elevated privileges on the system, caused by an integer underflow in XkbSelectEvents. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 6.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187210](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187210>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14362](<https://vulners.com/cve/CVE-2020-14362>) \n** DESCRIPTION: **X.Org server could allow a local authenticated attacker to gain elevated privileges on the system, caused by an integer underflow in XRecordRegisterClients. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 6.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187211](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187211>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-20271](<https://vulners.com/cve/CVE-2021-20271>) \n** DESCRIPTION: **RPM could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the signature check function. By persuading a victim to open a specially-crafted package file, an attacker could exploit this vulnerability to cause RPM database corruption and execute arbitrary code on the system. \nCVSS Base score: 6.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198961](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198961>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCloud Pak for Security (CP4S)| 1.7.2.0 \nCloud Pak for Security (CP4S)| 1.7.1.0 \nCloud Pak for Security (CP4S)| 1.7.0.0 \n \n \n\n\n## Remediation/Fixes\n\nPlease upgrade to CP4S 1.8.0.0 following instructions at <https://www.ibm.com/docs/en/SSTDPP_1.8/docs/security-pak/upgrading.html>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-19T15:38:04", "type": "ibm", "title": "Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10228", "CVE-2017-14502", "CVE-2018-25011", "CVE-2019-13012", "CVE-2019-18276", "CVE-2019-25013", "CVE-2019-2708", "CVE-2019-3842", "CVE-2019-9169", "CVE-2020-10029", "CVE-2020-10543", "CVE-2020-10878", "CVE-2020-12049", "CVE-2020-13434", "CVE-2020-13543", "CVE-2020-13584", "CVE-2020-13776", "CVE-2020-14344", "CVE-2020-14345", "CVE-2020-14346", "CVE-2020-14347", "CVE-2020-14360", "CVE-2020-14361", "CVE-2020-14362", "CVE-2020-14363", "CVE-2020-15358", "CVE-2020-1971", "CVE-2020-24330", "CVE-2020-24331", "CVE-2020-24332", "CVE-2020-24977", "CVE-2020-25648", "CVE-2020-25692", "CVE-2020-25712", "CVE-2020-26116", "CVE-2020-26137", "CVE-2020-27618", "CVE-2020-27619", "CVE-2020-27783", "CVE-2020-28196", "CVE-2020-28469", "CVE-2020-29361", "CVE-2020-29362", "CVE-2020-29363", "CVE-2020-29573", "CVE-2020-36328", "CVE-2020-36329", "CVE-2020-8177", "CVE-2020-8231", "CVE-2020-8284", "CVE-2020-8285", "CVE-2020-8286", "CVE-2020-8617", "CVE-2020-8622", "CVE-2020-8624", "CVE-2020-8625", "CVE-2020-8927", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9983", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-20271", "CVE-2021-20305", "CVE-2021-20578", "CVE-2021-2163", "CVE-2021-22543", "CVE-2021-22555", "CVE-2021-22918", "CVE-2021-23336", "CVE-2021-23337", "CVE-2021-23362", "CVE-2021-23364", "CVE-2021-2341", "CVE-2021-2369", "CVE-2021-2388", "CVE-2021-2432", "CVE-2021-25214", "CVE-2021-25215", "CVE-2021-27218", "CVE-2021-27219", "CVE-2021-27290", "CVE-2021-29894", "CVE-2021-30661", "CVE-2021-3177", "CVE-2021-3326", "CVE-2021-33910", "CVE-2021-3421", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-3516", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3520", "CVE-2021-3537", "CVE-2021-3541", "CVE-2021-3609"], "modified": "2021-10-19T15:38:04", "id": "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "href": "https://www.ibm.com/support/pages/node/6493729", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2023-09-07T04:19:30", "description": "**Issue Overview:**\n\nA logic issue was addressed with improved state management. (CVE-2020-22592)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-27918)\n\n\"Clear History and Website Data\" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\nThis issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\nA type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1789)\n\nA port redirection issue was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. A malicious website may be able to access restricted ports on arbitrary servers. The highest threat from this vulnerability is to data integrity. (CVE-2021-1799)\n\nThis issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1801)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\nA memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\nAn input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\nA memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1870)\n\nA use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. (CVE-2021-21775)\n\nA use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (CVE-2021-21779)\n\nAn exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\nAn integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30663)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30665)\n\nA buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\nA logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30689)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-30720)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734)\n\nDescription: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30744)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30749)\n\nA type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30758)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30795)\n\nThis issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30797)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\nA use-after-free flaw was found in WebKitGTK. Specially crafted web content could use this flaw to trigger an arbitrary code execution when processed. (CVE-2021-30809)\n\nA confusion type flaw was found in WebKitGTK. Specially crafted web content could use this flaw to trigger an arbitrary code execution when processed. (CVE-2021-30818)\n\nAn out-of-bounds read flaw was found in WebKitGTK. A specially crafted audio file could use this flaw to trigger a disclosure of memory when processed. (CVE-2021-30836)\n\nA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\nA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\nA memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\nAn information leak flaw was found in WebKitGTK. A malicious web site using Content Security Policy reports could use this flaw to leak information via redirects. (CVE-2021-30888)\n\nA buffer overflow flaw was found in WebKitGTK. Specially crafted web content could use this flaw to trigger an arbitrary code execution when processed. (CVE-2021-30889)\n\nA logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\nA buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30934)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30936)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30951)\n\nAn integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30952)\n\nAn out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30953)\n\nA type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30954)\n\nA race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30984)\n\n** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none. (CVE-2021-32912)\n\nBubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVE-2021-42762)\n\nA segmentation violation vulnerability was found in webkitgtk. An attacker with network access could pass specially crafted HTML files causing an application to halt or crash. (CVE-2021-45481)\n\nA use-after-free vulnerability was found in webkitgtk. An attacker with network access could pass specially crafted HTML files causing an application to halt or crash. (CVE-2021-45482)\n\nA use-after-free vulnerability was found in webkitgtk. An attacker with network access could pass specially crafted HTML files causing an application to halt or crash. (CVE-2021-45483)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-22590)\n\nA logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2022-22592)\n\nA cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-22662)\n\nA logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call. (CVE-2022-22677)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution. (CVE-2022-26700)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26709)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26710)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26716)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26717)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26719)\n\nIn WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. (CVE-2022-30293)\n\nAn out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32792)\n\nMultiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. (CVE-2022-32793)\n\nThe issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing. (CVE-2022-32816)\n\nProcessing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32885)\n\nAn out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32888)\n\nA correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app. (CVE-2022-32923)\n\nThe issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. (CVE-2022-42799)\n\nA logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-42824)\n\nProcessing maliciously crafted web content may lead to arbitrary code execution\n\nRESERVED \nNOTE: https://webkitgtk.org/security/WSA-2023-0001.html (CVE-2022-42826)\n\nThe issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2022-42852)\n\nA type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.. (CVE-2022-42856)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42863)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42867)\n\nA memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46691)\n\nA logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy. (CVE-2022-46692)\n\nA logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-46698)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46699)\n\nA memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46700)\n\nA flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. (CVE-2023-2203)\n\nProcessing maliciously crafted web content may lead to arbitrary code execution (CVE-2023-23517)\n\nProcessing maliciously crafted web content may lead to arbitrary code execution (CVE-2023-23518)\n\nA vulnerability was found in WebKitGTK. This issue occurs when processing maliciously crafted web content in WebKit. This may, in theory, allow a remote attacker to create a specially crafted web page, trick the victim into opening it, trigger type confusion, and execute arbitrary code on the target system. (CVE-2023-23529)\n\nA use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25358)\n\nA use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25360)\n\nA use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25361)\n\nA use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25362)\n\nA use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25363)\n\nThe vulnerability allows a remote attacker to bypass Same Origin Policy restrictions. (CVE-2023-27932)\n\nThe vulnerability exists due to excessive data output by the application. A remote attacker can track sensitive user information. (CVE-2023-27954)\n\nAn out-of-bounds read issue in WebKit that could be abused to disclose sensitive information when processing web content. It was addressed with improved input validation. (CVE-2023-28204)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2023-28205)\n\nA use-after free bug in WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. It was addressed with improved memory management. (CVE-2023-32373)\n\nN/A (CVE-2023-32409)\n\n \n**Affected Packages:** \n\n\nwebkitgtk4\n\n \n**Issue Correction:** \nRun _yum update webkitgtk4_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 webkitgtk4-2.38.5-3.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-devel-2.38.5-3.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-2.38.5-3.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 webkitgtk4-2.38.5-3.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-devel-2.38.5-3.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-2.38.5-3.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1.i686 \n \n src: \n \u00a0\u00a0\u00a0 webkitgtk4-2.38.5-3.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 webkitgtk4-2.38.5-3.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-devel-2.38.5-3.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-2.38.5-3.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2020-22592](<https://access.redhat.com/security/cve/CVE-2020-22592>), [CVE-2020-27918](<https://access.redhat.com/security/cve/CVE-2020-27918>), [CVE-2020-29623](<https://access.redhat.com/security/cve/CVE-2020-29623>), [CVE-2021-1765](<https://access.redhat.com/security/cve/CVE-2021-1765>), [CVE-2021-1788](<https://access.redhat.com/security/cve/CVE-2021-1788>), [CVE-2021-1789](<https://access.redhat.com/security/cve/CVE-2021-1789>), [CVE-2021-1799](<https://access.redhat.com/security/cve/CVE-2021-1799>), [CVE-2021-1801](<https://access.redhat.com/security/cve/CVE-2021-1801>), [CVE-2021-1817](<https://access.redhat.com/security/cve/CVE-2021-1817>), [CVE-2021-1820](<https://access.redhat.com/security/cve/CVE-2021-1820>), [CVE-2021-1825](<https://access.redhat.com/security/cve/CVE-2021-1825>), [CVE-2021-1826](<https://access.redhat.com/security/cve/CVE-2021-1826>), [CVE-2021-1844](<https://access.redhat.com/security/cve/CVE-2021-1844>), [CVE-2021-1870](<https://access.redhat.com/security/cve/CVE-2021-1870>), [CVE-2021-21775](<https://access.redhat.com/security/cve/CVE-2021-21775>), [CVE-2021-21779](<https://access.redhat.com/security/cve/CVE-2021-21779>), [CVE-2021-21806](<https://access.redhat.com/security/cve/CVE-2021-21806>), [CVE-2021-30661](<https://access.redhat.com/security/cve/CVE-2021-30661>), [CVE-2021-30663](<https://access.redhat.com/security/cve/CVE-2021-30663>), [CVE-2021-30665](<https://access.redhat.com/security/cve/CVE-2021-30665>), [CVE-2021-30666](<https://access.redhat.com/security/cve/CVE-2021-30666>), [CVE-2021-30682](<https://access.redhat.com/security/cve/CVE-2021-30682>), [CVE-2021-30689](<https://access.redhat.com/security/cve/CVE-2021-30689>), [CVE-2021-30720](<https://access.redhat.com/security/cve/CVE-2021-30720>), [CVE-2021-30734](<https://access.redhat.com/security/cve/CVE-2021-30734>), [CVE-2021-30744](<https://access.redhat.com/security/cve/CVE-2021-30744>), [CVE-2021-30749](<https://access.redhat.com/security/cve/CVE-2021-30749>), [CVE-2021-30758](<https://access.redhat.com/security/cve/CVE-2021-30758>), [CVE-2021-30761](<https://access.redhat.com/security/cve/CVE-2021-30761>), [CVE-2021-30762](<https://access.redhat.com/security/cve/CVE-2021-30762>), [CVE-2021-30795](<https://access.redhat.com/security/cve/CVE-2021-30795>), [CVE-2021-30797](<https://access.redhat.com/security/cve/CVE-2021-30797>), [CVE-2021-30799](<https://access.redhat.com/security/cve/CVE-2021-30799>), [CVE-2021-30809](<https://access.redhat.com/security/cve/CVE-2021-30809>), [CVE-2021-30818](<https://access.redhat.com/security/cve/CVE-2021-30818>), [CVE-2021-30836](<https://access.redhat.com/security/cve/CVE-2021-30836>), [CVE-2021-30846](<https://access.redhat.com/security/cve/CVE-2021-30846>), [CVE-2021-30848](<https://access.redhat.com/security/cve/CVE-2021-30848>), [CVE-2021-30849](<https://access.redhat.com/security/cve/CVE-2021-30849>), [CVE-2021-30851](<https://access.redhat.com/security/cve/CVE-2021-30851>), [CVE-2021-30887](<https://access.redhat.com/security/cve/CVE-2021-30887>), [CVE-2021-30888](<https://access.redhat.com/security/cve/CVE-2021-30888>), [CVE-2021-30889](<https://access.redhat.com/security/cve/CVE-2021-30889>), [CVE-2021-30890](<https://access.redhat.com/security/cve/CVE-2021-30890>), [CVE-2021-30934](<https://access.redhat.com/security/cve/CVE-2021-30934>), [CVE-2021-30936](<https://access.redhat.com/security/cve/CVE-2021-30936>), [CVE-2021-30951](<https://access.redhat.com/security/cve/CVE-2021-30951>), [CVE-2021-30952](<https://access.redhat.com/security/cve/CVE-2021-30952>), [CVE-2021-30953](<https://access.redhat.com/security/cve/CVE-2021-30953>), [CVE-2021-30954](<https://access.redhat.com/security/cve/CVE-2021-30954>), [CVE-2021-30984](<https://access.redhat.com/security/cve/CVE-2021-30984>), [CVE-2021-32912](<https://access.redhat.com/security/cve/CVE-2021-32912>), [CVE-2021-42762](<https://access.redhat.com/security/cve/CVE-2021-42762>), [CVE-2021-45481](<https://access.redhat.com/security/cve/CVE-2021-45481>), [CVE-2021-45482](<https://access.redhat.com/security/cve/CVE-2021-45482>), [CVE-2021-45483](<https://access.redhat.com/security/cve/CVE-2021-45483>), [CVE-2022-22590](<https://access.redhat.com/security/cve/CVE-2022-22590>), [CVE-2022-22592](<https://access.redhat.com/security/cve/CVE-2022-22592>), [CVE-2022-22662](<https://access.redhat.com/security/cve/CVE-2022-22662>), [CVE-2022-22677](<https://access.redhat.com/security/cve/CVE-2022-22677>), [CVE-2022-26700](<https://access.redhat.com/security/cve/CVE-2022-26700>), [CVE-2022-26709](<https://access.redhat.com/security/cve/CVE-2022-26709>), [CVE-2022-26710](<https://access.redhat.com/security/cve/CVE-2022-26710>), [CVE-2022-26716](<https://access.redhat.com/security/cve/CVE-2022-26716>), [CVE-2022-26717](<https://access.redhat.com/security/cve/CVE-2022-26717>), [CVE-2022-26719](<https://access.redhat.com/security/cve/CVE-2022-26719>), [CVE-2022-30293](<https://access.redhat.com/security/cve/CVE-2022-30293>), [CVE-2022-32792](<https://access.redhat.com/security/cve/CVE-2022-32792>), [CVE-2022-32793](<https://access.redhat.com/security/cve/CVE-2022-32793>), [CVE-2022-32816](<https://access.redhat.com/security/cve/CVE-2022-32816>), [CVE-2022-32885](<https://access.redhat.com/security/cve/CVE-2022-32885>), [CVE-2022-32888](<https://access.redhat.com/security/cve/CVE-2022-32888>), [CVE-2022-32923](<https://access.redhat.com/security/cve/CVE-2022-32923>), [CVE-2022-42799](<https://access.redhat.com/security/cve/CVE-2022-42799>), [CVE-2022-42824](<https://access.redhat.com/security/cve/CVE-2022-42824>), [CVE-2022-42826](<https://access.redhat.com/security/cve/CVE-2022-42826>), [CVE-2022-42852](<https://access.redhat.com/security/cve/CVE-2022-42852>), [CVE-2022-42856](<https://access.redhat.com/security/cve/CVE-2022-42856>), [CVE-2022-42863](<https://access.redhat.com/security/cve/CVE-2022-42863>), [CVE-2022-42867](<https://access.redhat.com/security/cve/CVE-2022-42867>), [CVE-2022-46691](<https://access.redhat.com/security/cve/CVE-2022-46691>), [CVE-2022-46692](<https://access.redhat.com/security/cve/CVE-2022-46692>), [CVE-2022-46698](<https://access.redhat.com/security/cve/CVE-2022-46698>), [CVE-2022-46699](<https://access.redhat.com/security/cve/CVE-2022-46699>), [CVE-2022-46700](<https://access.redhat.com/security/cve/CVE-2022-46700>), [CVE-2023-2203](<https://access.redhat.com/security/cve/CVE-2023-2203>), [CVE-2023-23517](<https://access.redhat.com/security/cve/CVE-2023-23517>), [CVE-2023-23518](<https://access.redhat.com/security/cve/CVE-2023-23518>), [CVE-2023-23529](<https://access.redhat.com/security/cve/CVE-2023-23529>), [CVE-2023-25358](<https://access.redhat.com/security/cve/CVE-2023-25358>), [CVE-2023-25360](<https://access.redhat.com/security/cve/CVE-2023-25360>), [CVE-2023-25361](<https://access.redhat.com/security/cve/CVE-2023-25361>), [CVE-2023-25362](<https://access.redhat.com/security/cve/CVE-2023-25362>), [CVE-2023-25363](<https://access.redhat.com/security/cve/CVE-2023-25363>), [CVE-2023-27932](<https://access.redhat.com/security/cve/CVE-2023-27932>), [CVE-2023-27954](<https://access.redhat.com/security/cve/CVE-2023-27954>), [CVE-2023-28204](<https://access.redhat.com/security/cve/CVE-2023-28204>), [CVE-2023-28205](<https://access.redhat.com/security/cve/CVE-2023-28205>), [CVE-2023-32373](<https://access.redhat.com/security/cve/CVE-2023-32373>), [CVE-2023-32409](<https://access.redhat.com/security/cve/CVE-2023-32409>)\n\nMitre: [CVE-2020-22592](<https://vulners.com/cve/CVE-2020-22592>), [CVE-2020-27918](<https://vulners.com/cve/CVE-2020-27918>), [CVE-2020-29623](<https://vulners.com/cve/CVE-2020-29623>), [CVE-2021-1765](<https://vulners.com/cve/CVE-2021-1765>), [CVE-2021-1788](<https://vulners.com/cve/CVE-2021-1788>), [CVE-2021-1789](<https://vulners.com/cve/CVE-2021-1789>), [CVE-2021-1799](<https://vulners.com/cve/CVE-2021-1799>), [CVE-2021-1801](<https://vulners.com/cve/CVE-2021-1801>), [CVE-2021-1817](<https://vulners.com/cve/CVE-2021-1817>), [CVE-2021-1820](<https://vulners.com/cve/CVE-2021-1820>), [CVE-2021-1825](<https://vulners.com/cve/CVE-2021-1825>), [CVE-2021-1826](<https://vulners.com/cve/CVE-2021-1826>), [CVE-2021-1844](<https://vulners.com/cve/CVE-2021-1844>), [CVE-2021-1870](<https://vulners.com/cve/CVE-2021-1870>), [CVE-2021-21775](<https://vulners.com/cve/CVE-2021-21775>), [CVE-2021-21779](<https://vulners.com/cve/CVE-2021-21779>), [CVE-2021-21806](<https://vulners.com/cve/CVE-2021-21806>), [CVE-2021-30661](<https://vulners.com/cve/CVE-2021-30661>), [CVE-2021-30663](<https://vulners.com/cve/CVE-2021-30663>), [CVE-2021-30665](<https://vulners.com/cve/CVE-2021-30665>), [CVE-2021-30666](<https://vulners.com/cve/CVE-2021-30666>), [CVE-2021-30682](<https://vulners.com/cve/CVE-2021-30682>), [CVE-2021-30689](<https://vulners.com/cve/CVE-2021-30689>), [CVE-2021-30720](<https://vulners.com/cve/CVE-2021-30720>), [CVE-2021-30734](<https://vulners.com/cve/CVE-2021-30734>), [CVE-2021-30744](<https://vulners.com/cve/CVE-2021-30744>), [CVE-2021-30749](<https://vulners.com/cve/CVE-2021-30749>), [CVE-2021-30758](<https://vulners.com/cve/CVE-2021-30758>), [CVE-2021-30761](<https://vulners.com/cve/CVE-2021-30761>), [CVE-2021-30762](<https://vulners.com/cve/CVE-2021-30762>), [CVE-2021-30795](<https://vulners.com/cve/CVE-2021-30795>), [CVE-2021-30797](<https://vulners.com/cve/CVE-2021-30797>), [CVE-2021-30799](<https://vulners.com/cve/CVE-2021-30799>), [CVE-2021-30809](<https://vulners.com/cve/CVE-2021-30809>), [CVE-2021-30818](<https://vulners.com/cve/CVE-2021-30818>), [CVE-2021-30836](<https://vulners.com/cve/CVE-2021-30836>), [CVE-2021-30846](<https://vulners.com/cve/CVE-2021-30846>), [CVE-2021-30848](<https://vulners.com/cve/CVE-2021-30848>), [CVE-2021-30849](<https://vulners.com/cve/CVE-2021-30849>), [CVE-2021-30851](<https://vulners.com/cve/CVE-2021-30851>), [CVE-2021-30887](<https://vulners.com/cve/CVE-2021-30887>), [CVE-2021-30888](<https://vulners.com/cve/CVE-2021-30888>), [CVE-2021-30889](<https://vulners.com/cve/CVE-2021-30889>), [CVE-2021-30890](<https://vulners.com/cve/CVE-2021-30890>), [CVE-2021-30934](<https://vulners.com/cve/CVE-2021-30934>), [CVE-2021-30936](<https://vulners.com/cve/CVE-2021-30936>), [CVE-2021-30951](<https://vulners.com/cve/CVE-2021-30951>), [CVE-2021-30952](<https://vulners.com/cve/CVE-2021-30952>), [CVE-2021-30953](<https://vulners.com/cve/CVE-2021-30953>), [CVE-2021-30954](<https://vulners.com/cve/CVE-2021-30954>), [CVE-2021-30984](<https://vulners.com/cve/CVE-2021-30984>), [CVE-2021-32912](<https://vulners.com/cve/CVE-2021-32912>), [CVE-2021-42762](<https://vulners.com/cve/CVE-2021-42762>), [CVE-2021-45481](<https://vulners.com/cve/CVE-2021-45481>), [CVE-2021-45482](<https://vulners.com/cve/CVE-2021-45482>), [CVE-2021-45483](<https://vulners.com/cve/CVE-2021-45483>), [CVE-2022-22590](<https://vulners.com/cve/CVE-2022-22590>), [CVE-2022-22592](<https://vulners.com/cve/CVE-2022-22592>), [CVE-2022-22662](<https://vulners.com/cve/CVE-2022-22662>), [CVE-2022-22677](<https://vulners.com/cve/CVE-2022-22677>), [CVE-2022-26700](<https://vulners.com/cve/CVE-2022-26700>), [CVE-2022-26709](<https://vulners.com/cve/CVE-2022-26709>), [CVE-2022-26710](<https://vulners.com/cve/CVE-2022-26710>), [CVE-2022-26716](<https://vulners.com/cve/CVE-2022-26716>), [CVE-2022-26717](<https://vulners.com/cve/CVE-2022-26717>), [CVE-2022-26719](<https://vulners.com/cve/CVE-2022-26719>), [CVE-2022-30293](<https://vulners.com/cve/CVE-2022-30293>), [CVE-2022-32792](<https://vulners.com/cve/CVE-2022-32792>), [CVE-2022-32793](<https://vulners.com/cve/CVE-2022-32793>), [CVE-2022-32816](<https://vulners.com/cve/CVE-2022-32816>), [CVE-2022-32885](<https://vulners.com/cve/CVE-2022-32885>), [CVE-2022-32888](<https://vulners.com/cve/CVE-2022-32888>), [CVE-2022-32923](<https://vulners.com/cve/CVE-2022-32923>), [CVE-2022-42799](<https://vulners.com/cve/CVE-2022-42799>), [CVE-2022-42824](<https://vulners.com/cve/CVE-2022-42824>), [CVE-2022-42826](<https://vulners.com/cve/CVE-2022-42826>), [CVE-2022-42852](<https://vulners.com/cve/CVE-2022-42852>), [CVE-2022-42856](<https://vulners.com/cve/CVE-2022-42856>), [CVE-2022-42863](<https://vulners.com/cve/CVE-2022-42863>), [CVE-2022-42867](<https://vulners.com/cve/CVE-2022-42867>), [CVE-2022-46691](<https://vulners.com/cve/CVE-2022-46691>), [CVE-2022-46692](<https://vulners.com/cve/CVE-2022-46692>), [CVE-2022-46698](<https://vulners.com/cve/CVE-2022-46698>), [CVE-2022-46699](<https://vulners.com/cve/CVE-2022-46699>), [CVE-2022-46700](<https://vulners.com/cve/CVE-2022-46700>), [CVE-2023-2203](<https://vulners.com/cve/CVE-2023-2203>), [CVE-2023-23517](<https://vulners.com/cve/CVE-2023-23517>), [CVE-2023-23518](<https://vulners.com/cve/CVE-2023-23518>), [CVE-2023-23529](<https://vulners.com/cve/CVE-2023-23529>), [CVE-2023-25358](<https://vulners.com/cve/CVE-2023-25358>), [CVE-2023-25360](<https://vulners.com/cve/CVE-2023-25360>), [CVE-2023-25361](<https://vulners.com/cve/CVE-2023-25361>), [CVE-2023-25362](<https://vulners.com/cve/CVE-2023-25362>), [CVE-2023-25363](<https://vulners.com/cve/CVE-2023-25363>), [CVE-2023-27932](<https://vulners.com/cve/CVE-2023-27932>), [CVE-2023-27954](<https://vulners.com/cve/CVE-2023-27954>), [CVE-2023-28204](<https://vulners.com/cve/CVE-2023-28204>), [CVE-2023-28205](<https://vulners.com/cve/CVE-2023-28205>), [CVE-2023-32373](<https://vulners.com/cve/CVE-2023-32373>), [CVE-2023-32409](<https://vulners.com/cve/CVE-2023-32409>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-06-07T23:52:00", "type": "amazon", "title": "Important: webkitgtk4", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-22592", "CVE-2020-27918", "CVE-2020-29623", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-30661", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30934", "CVE-2021-30936", "CVE-2021-30951", "CVE-2021-30952", "CVE-2021-30953", "CVE-2021-30954", "CVE-2021-30984", "CVE-2021-32912", "CVE-2021-41133", "CVE-2021-42762", "CVE-2021-45481", "CVE-2021-45482", "CVE-2021-45483", "CVE-2022-22590", "CVE-2022-22592", "CVE-2022-22662", "CVE-2022-22677", "CVE-2022-26700", "CVE-2022-26709", "CVE-2022-26710", "CVE-2022-26716", "CVE-2022-26717", "CVE-2022-26719", "CVE-2022-30293", "CVE-2022-32792", "CVE-2022-32793", "CVE-2022-32816", "CVE-2022-32885", "CVE-2022-32888", "CVE-2022-32923", "CVE-2022-42799", "CVE-2022-42824", "CVE-2022-42826", "CVE-2022-42852", "CVE-2022-42856", "CVE-2022-42863", "CVE-2022-42867", "CVE-2022-46691", "CVE-2022-46692", "CVE-2022-46698", "CVE-2022-46699", "CVE-2022-46700", "CVE-2023-2203", "CVE-2023-23517", "CVE-2023-23518", "CVE-2023-23529", "CVE-2023-25358", "CVE-2023-25360", "CVE-2023-25361", "CVE-2023-25362", "CVE-2023-25363", "CVE-2023-27932", "CVE-2023-27954", "CVE-2023-28204", "CVE-2023-28205", "CVE-2023-32373", "CVE-2023-32409"], "modified": "2023-06-12T23:09:00", "id": "ALAS2-2023-2088", "href": "https://alas.aws.amazon.com/AL2/ALAS-2023-2088.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}