A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information.
{"prion": [{"lastseen": "2023-08-16T03:04:20", "description": "A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-09-08T15:15:00", "type": "prion", "title": "CVE-2021-30682", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-30682"], "modified": "2021-09-20T14:59:00", "id": "PRION:CVE-2021-30682", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-30682", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "alpinelinux": [{"lastseen": "2023-06-23T11:06:14", "description": "A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-09-08T15:15:00", "type": "alpinelinux", "title": "CVE-2021-30682", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-30682"], "modified": "2021-09-20T14:59:00", "id": "ALPINE:CVE-2021-30682", "href": "https://security.alpinelinux.org/vuln/CVE-2021-30682", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2023-09-09T02:50:58", "description": "A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information.", "cvss3": {}, "published": "2021-09-08T15:15:00", "type": "debiancve", "title": "CVE-2021-30682", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-30682"], "modified": "2021-09-08T15:15:00", "id": "DEBIANCVE:CVE-2021-30682", "href": "https://security-tracker.debian.org/tracker/CVE-2021-30682", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhatcve": [{"lastseen": "2023-05-27T17:16:45", "description": "A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-07-28T13:53:44", "type": "redhatcve", "title": "CVE-2021-30682", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-30682"], "modified": "2023-04-06T08:52:31", "id": "RH:CVE-2021-30682", "href": "https://access.redhat.com/security/cve/cve-2021-30682", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2023-07-27T22:58:41", "description": "A logic issue was addressed with improved restrictions. This issue is fixed\nin tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4,\nwatchOS 7.5. A malicious application may be able to leak sensitive user\ninformation.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2021-09-08T00:00:00", "type": "ubuntucve", "title": "CVE-2021-30682", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-30682"], "modified": "2021-09-08T00:00:00", "id": "UB:CVE-2021-30682", "href": "https://ubuntu.com/security/CVE-2021-30682", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "apple": [{"lastseen": "2023-07-25T06:05:59", "description": "# About the security content of Safari 14.1.1\n\nThis document describes the security content of Safari 14.1.1.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## Safari 14.1.1\n\nReleased May 24, 2021\n\n**WebKit**\n\nAvailable for: macOS Catalina and macOS Mojave\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab, ASU. working with Trend Micro Zero Day Initiative\n\nCVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: macOS Catalina and macOS Mojave\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A cross-origin issue with iframe elements was addressed with improved tracking of security origins.\n\nCVE-2021-30744: Dan Hite of jsontop\n\n**WebKit**\n\nAvailable for: macOS Catalina and macOS Mojave\n\nImpact: A malicious website may be able to access restricted ports on arbitrary servers\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30720: David Sch\u00fctz (@xdavidhu)\n\n**WebKit**\n\nAvailable for: macOS Catalina and macOS Mojave\n\nImpact: A malicious application may be able to leak sensitive user information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30682: Prakash (@1lastBr3ath)\n\nEntry updated July 21, 2021\n\n**WebKit**\n\nAvailable for: macOS Catalina and macOS Mojave\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-21779: Marcin Towalski of Cisco Talos\n\n**WebKit**\n\nAvailable for: macOS Catalina and macOS Mojave\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30689: an anonymous researcher\n\n**WebKit**\n\nAvailable for: macOS Catalina and macOS Mojave\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An integer overflow was addressed with improved input validation.\n\nCVE-2021-30663: an anonymous researcher\n\n**WebRTC**\n\nAvailable for: macOS Catalina and macOS Mojave\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A null pointer dereference was addressed with improved input validation.\n\nCVE-2021-23841: Tavis Ormandy of Google\n\nCVE-2021-30698: Tavis Ormandy of Google\n\n\n\n## Additional recognition\n\n**WebKit**\n\nWe would like to acknowledge Chris Salls (@salls) of Makai Security for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 21, 2021\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-05-24T00:00:00", "type": "apple", "title": "About the security content of Safari 14.1.1", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21779", "CVE-2021-23841", "CVE-2021-30663", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30698", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749"], "modified": "2021-05-24T00:00:00", "id": "APPLE:CABE34499864F4FA47751E5A9FCC58AC", "href": "https://support.apple.com/kb/HT212534", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-28T22:05:09", "description": "# About the security content of tvOS 14.6\n\nThis document describes the security content of tvOS 14.6.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## tvOS 14.6\n\nReleased May 24, 2021\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30707: hjy79425575 working with Trend Micro Zero Day Initiative\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Parsing a maliciously crafted audio file may lead to disclosure of user information\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30685: Mickey Jin (@patch1t) of Trend Micro\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30686: Mickey Jin of Trend Micro\n\n**CoreText**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An out-of-bounds read was addressed with improved input validation\n\nDescription: Processing a maliciously crafted font may result in the disclosure of process memory.\n\nCVE-2021-30753: Xingwei Lin of Ant Security Light-Year Lab\n\nCVE-2021-30733: Sunglin from the Knownsec 404\n\nEntry added July 21, 2021\n\n**Crash Reporter**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30727: Cees Elzinga\n\n**CVMS**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30724: Mickey Jin (@patch1t) of Trend Micro\n\n**FontParser**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write was addressed with improved input validation.\n\nCVE-2021-30771: Mickey Jin (@patch1t) of Trend Micro, CFF of Topsec Alpha Team\n\nEntry added January 19, 2022\n\n**FontParser**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An out-of-bounds read was addressed with improved input validation\n\nDescription: Processing a maliciously crafted font may result in the disclosure of process memory.\n\nCVE-2021-30755: Xingwei Lin of Ant Security Light-Year Lab\n\nEntry added July 21, 2021\n\n**Heimdal**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to leak sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30697: Gabe Kirkpatrick (@gabe_k)\n\n**Heimdal**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may cause a denial of service or potentially disclose memory contents\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-30710: Gabe Kirkpatrick (@gabe_k)\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to disclosure of user information\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30687: Hou JingYi (@hjy79425575) of Qihoo 360\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to disclosure of user information\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30700: Ye Zhang(@co0py_Cat) of Baidu Security\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30701: Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted ASTC file may disclose memory contents\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30705: Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: This issue was addressed with improved checks\n\nDescription: Processing a maliciously crafted image may lead to disclosure of user information.\n\nCVE-2021-30706: Anonymous working with Trend Micro Zero Day Initiative, Jzhu working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2021-30740: Linus Henze (pinauten.de)\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30704: an anonymous researcher\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30715: The UK's National Cyber Security Centre (NCSC)\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved size validation.\n\nCVE-2021-30736: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A double free issue was addressed with improved memory management\n\nDescription: An application may be able to execute arbitrary code with kernel privileges.\n\nCVE-2021-30703: an anonymous researcher\n\nEntry added July 21, 2021\n\n**LaunchServices**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: This issue was addressed with improved environment sanitization.\n\nCVE-2021-30677: Ron Waisberg (@epsilan)\n\n**Security**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted certificate may lead to arbitrary code execution\n\nDescription: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.\n\nCVE-2021-30737: xerub\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-30665: yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A cross-origin issue with iframe elements was addressed with improved tracking of security origins.\n\nCVE-2021-30744: Dan Hite of jsontop\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-21779: Marcin Towalski of Cisco Talos\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to leak sensitive user information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30682: an anonymous researcher and 1lastBr3ath\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30689: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab, ASU. working with Trend Micro Zero Day Initiative\n\nCVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious website may be able to access restricted ports on arbitrary servers\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30720: David Sch\u00fctz (@xdavidhu)\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: An integer overflow was addressed with improved input validation.\n\nCVE-2021-30663: an anonymous researcher\n\n\n\n## Additional recognition\n\n**ImageIO**\n\nWe would like to acknowledge Jzhu working with Trend Micro Zero Day Initiative and an anonymous researcher for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Chris Salls (@salls) of Makai Security for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: January 19, 2022\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-05-24T00:00:00", "type": "apple", "title": "About the security content of tvOS 14.6", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21779", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30677", "CVE-2021-30682", "CVE-2021-30685", "CVE-2021-30686", "CVE-2021-30687", "CVE-2021-30689", "CVE-2021-30697", "CVE-2021-30700", "CVE-2021-30701", "CVE-2021-30703", "CVE-2021-30704", "CVE-2021-30705", "CVE-2021-30706", "CVE-2021-30707", "CVE-2021-30710", "CVE-2021-30715", "CVE-2021-30720", "CVE-2021-30724", "CVE-2021-30727", "CVE-2021-30733", "CVE-2021-30734", "CVE-2021-30736", "CVE-2021-30737", "CVE-2021-30740", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30753", "CVE-2021-30755", "CVE-2021-30771"], "modified": "2021-05-24T00:00:00", "id": "APPLE:63DD59AAEDECD46C156A7668A930E353", "href": "https://support.apple.com/kb/HT212532", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-07-25T22:39:29", "description": "# About the security content of watchOS 7.5\n\nThis document describes the security content of watchOS 7.5.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## watchOS 7.5\n\nReleased May 24, 2021\n\n**Audio**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30707: hjy79425575 working with Trend Micro Zero Day Initiative\n\n**Audio**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Parsing a maliciously crafted audio file may lead to disclosure of user information\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30685: Mickey Jin (@patch1t) of Trend Micro\n\n**Core Services**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2021-30681: Zhongcheng Li (CK01)\n\n**CoreAudio**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30686: Mickey Jin of Trend Micro\n\n**CoreText**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An out-of-bounds read was addressed with improved input validation\n\nDescription: Processing a maliciously crafted font may result in the disclosure of process memory.\n\nCVE-2021-30753: Xingwei Lin of Ant Security Light-Year Lab\n\nCVE-2021-30733: Sunglin from the Knownsec 404\n\nEntry added July 21, 2021\n\n**Crash Reporter**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30727: Cees Elzinga\n\n**CVMS**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30724: Mickey Jin (@patch1t) of Trend Micro\n\n**FontParser**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write was addressed with improved input validation.\n\nCVE-2021-30771: Mickey Jin (@patch1t) of Trend Micro, CFF of Topsec Alpha Team\n\nEntry added January 19, 2022\n\n**FontParser**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An out-of-bounds read was addressed with improved input validation\n\nDescription: Processing a maliciously crafted font may result in the disclosure of process memory.\n\nCVE-2021-30755: Xingwei Lin of Ant Security Light-Year Lab\n\nEntry added July 21, 2021\n\n**Heimdal**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A local user may be able to leak sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30697: Gabe Kirkpatrick (@gabe_k)\n\n**Heimdal**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may cause a denial of service or potentially disclose memory contents\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-30710: Gabe Kirkpatrick (@gabe_k)\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted image may lead to disclosure of user information\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30687: Hou JingYi (@hjy79425575) of Qihoo 360\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted image may lead to disclosure of user information\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30700: Ye Zhang(@co0py_Cat) of Baidu Security\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30701: Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted ASTC file may disclose memory contents\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30705: Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: This issue was addressed with improved checks\n\nDescription: Processing a maliciously crafted image may lead to disclosure of user information.\n\nCVE-2021-30706: Anonymous working with Trend Micro Zero Day Initiative, Jzhu working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2021-30740: Linus Henze (pinauten.de)\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30704: an anonymous researcher\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30715: The UK's National Cyber Security Centre (NCSC)\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved size validation.\n\nCVE-2021-30736: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A double free issue was addressed with improved memory management\n\nDescription: An application may be able to execute arbitrary code with kernel privileges.\n\nCVE-2021-30703: an anonymous researcher\n\nEntry added July 21, 2021\n\n**LaunchServices**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: This issue was addressed with improved environment sanitization.\n\nCVE-2021-30677: Ron Waisberg (@epsilan)\n\n**Security**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted certificate may lead to arbitrary code execution\n\nDescription: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.\n\nCVE-2021-30737: xerub\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A cross-origin issue with iframe elements was addressed with improved tracking of security origins.\n\nCVE-2021-30744: Dan Hite of jsontop\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-21779: Marcin Towalski of Cisco Talos\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious application may be able to leak sensitive user information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30682: an anonymous researcher and 1lastBr3ath\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30689: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab, ASU. working with Trend Micro Zero Day Initiative\n\nCVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A malicious website may be able to access restricted ports on arbitrary servers\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30720: David Sch\u00fctz (@xdavidhu)\n\n\n\n## Additional recognition\n\n**CommCenter**\n\nWe would like to acknowledge CHRISTIAN MINA for their assistance.\n\n**ImageIO**\n\nWe would like to acknowledge Jzhu working with Trend Micro Zero Day Initiative and an anonymous researcher for their assistance.\n\n**Mail Drafts**\n\nWe would like to acknowledge Lauritz Holtmann (@_lauritz_) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Chris Salls (@salls) of Makai Security for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: January 19, 2022\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-05-24T00:00:00", "type": "apple", "title": "About the security content of watchOS 7.5", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21779", "CVE-2021-30677", "CVE-2021-30681", "CVE-2021-30682", "CVE-2021-30685", "CVE-2021-30686", "CVE-2021-30687", "CVE-2021-30689", "CVE-2021-30697", "CVE-2021-30700", "CVE-2021-30701", "CVE-2021-30703", "CVE-2021-30704", "CVE-2021-30705", "CVE-2021-30706", "CVE-2021-30707", "CVE-2021-30710", "CVE-2021-30715", "CVE-2021-30720", "CVE-2021-30724", "CVE-2021-30727", "CVE-2021-30733", "CVE-2021-30734", "CVE-2021-30736", "CVE-2021-30737", "CVE-2021-30740", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30753", "CVE-2021-30755", "CVE-2021-30771"], "modified": "2021-05-24T00:00:00", "id": "APPLE:3D2B7EA0D2FC28210AECB76B2C407C9F", "href": "https://support.apple.com/kb/HT212533", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T22:02:30", "description": "# About the security content of iOS 14.6 and iPadOS 14.6\n\nThis document describes the security content of iOS 14.6 and iPadOS 14.6.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iOS 14.6 and iPadOS 14.6\n\nReleased May 24, 2021\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30707: hjy79425575 working with Trend Micro Zero Day Initiative\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Parsing a maliciously crafted audio file may lead to disclosure of user information\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30685: Mickey Jin (@patch1t) of Trend Micro\n\n**AVEVideoEncoder**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to cause unexpected system termination or write kernel memory\n\nDescription: A race condition was addressed with improved state handling.\n\nCVE-2021-30714: @08Tc3wBB of ZecOps, and George Nosenko\n\n**CommCenter**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A device may accept invalid activation results\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30729: CHRISTIAN MINA\n\n**Core Services**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2021-30681: Zhongcheng Li (CK01)\n\n**CoreAudio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30686: Mickey Jin of Trend Micro\n\n**CoreText**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An out-of-bounds read was addressed with improved input validation\n\nDescription: Processing a maliciously crafted font may result in the disclosure of process memory.\n\nCVE-2021-30733: Sunglin from the Knownsec 404\n\nCVE-2021-30753: Xingwei Lin of Ant Security Light-Year Lab\n\nEntry added July 21, 2021\n\n**Crash Reporter**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30727: Cees Elzinga\n\n**CVMS**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30724: Mickey Jin (@patch1t) of Trend Micro\n\n**FontParser**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write was addressed with improved input validation.\n\nCVE-2021-30771: Mickey Jin (@patch1t) of Trend Micro, CFF of Topsec Alpha Team\n\nEntry added January 19, 2022\n\n**Heimdal**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local user may be able to leak sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30697: Gabe Kirkpatrick (@gabe_k)\n\n**Heimdal**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may cause a denial of service or potentially disclose memory contents\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-30710: Gabe Kirkpatrick (@gabe_k)\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to disclosure of user information\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30687: Hou JingYi (@hjy79425575) of Qihoo 360\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to disclosure of user information\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30700: Ye Zhang(@co0py_Cat) of Baidu Security\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30701: Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted ASTC file may disclose memory contents\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30705: Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: This issue was addressed with improved checks\n\nDescription: Processing a maliciously crafted image may lead to disclosure of user information.\n\nCVE-2021-30706: Anonymous working with Trend Micro Zero Day Initiative, Jzhu working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2021-30740: Linus Henze (pinauten.de)\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may disclose restricted memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30674: Siddharth Aeri (@b1n4r1b01)\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30704: an anonymous researcher\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30715: The UK's National Cyber Security Centre (NCSC)\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved size validation.\n\nCVE-2021-30736: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A double free issue was addressed with improved memory management\n\nDescription: An application may be able to execute arbitrary code with kernel privileges.\n\nCVE-2021-30703: an anonymous researcher\n\nEntry added July 21, 2021\n\n**LaunchServices**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: This issue was addressed with improved environment sanitization.\n\nCVE-2021-30677: Ron Waisberg (@epsilan)\n\n**Mail**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-30741: SYMaster of ZecOps Mobile EDR Team\n\n**MediaRemote**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A privacy issue in Now Playing was addressed with improved permissions\n\nDescription: A local attacker may be able to view Now Playing information from the lock screen.\n\nCVE-2021-30756: Ricky D'Amelio, Jatayu Holznagel (@jholznagel)\n\nEntry added July 21, 2021\n\n**Model I/O**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted USD file may disclose memory contents\n\nDescription: An information disclosure issue was addressed with improved state management.\n\nCVE-2021-30723: Mickey Jin (@patch1t) of Trend Micro\n\nCVE-2021-30691: Mickey Jin (@patch1t) of Trend Micro\n\nCVE-2021-30692: Mickey Jin (@patch1t) of Trend Micro\n\nCVE-2021-30694: Mickey Jin (@patch1t) of Trend Micro\n\n**Model I/O**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-30725: Mickey Jin (@patch1t) of Trend Micro\n\n**Model I/O**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted USD file may disclose memory contents\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-30746: Mickey Jin (@patch1t) of Trend Micro\n\n**Model I/O**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-30693: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro\n\n**Model I/O**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted USD file may disclose memory contents\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30695: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro\n\n**Model I/O**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-30708: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro\n\n**Model I/O**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted USD file may disclose memory contents\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30709: Mickey Jin (@patch1t) of Trend Micro\n\n**Networking**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Visiting a maliciously crafted webpage may lead to a system denial of service\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-1821: Georgi Valkov (httpstorm.com)\n\nEntry added January 19, 2022\n\n**Notes**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A user may be able to view restricted content from the lockscreen\n\nDescription: A window management issue was addressed with improved state management.\n\nCVE-2021-30699: videosdebarraquito\n\n**Safari**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A user may be unable to fully delete browsing history\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2021-30999: an anonymous researcher\n\nEntry added May 25, 2022\n\n**Security**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted certificate may lead to arbitrary code execution\n\nDescription: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.\n\nCVE-2021-30737: xerub\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A cross-origin issue with iframe elements was addressed with improved tracking of security origins.\n\nCVE-2021-30744: Dan Hite of jsontop\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-21779: Marcin Towalski of Cisco Talos\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to leak sensitive user information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30682: Prakash (@1lastBr3ath)\n\nEntry updated on July 21, 2021\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30689: an anonymous researcher\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab, ASU. working with Trend Micro Zero Day Initiative\n\nCVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious website may be able to access restricted ports on arbitrary servers\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30720: David Sch\u00fctz (@xdavidhu)\n\n**WebRTC**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A null pointer dereference was addressed with improved input validation.\n\nCVE-2021-23841: Tavis Ormandy of Google\n\nCVE-2021-30698: Tavis Ormandy of Google\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker in WiFi range may be able to force a client to use a less secure authentication mechanism\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2021-30667: Raul Siles of DinoSec (@dinosec)\n\n\n\n## Additional recognition\n\n**AVEVideoEncoder**\n\nWe would like to acknowledge @08Tc3wBB for their assistance.\n\n**CommCenter**\n\nWe would like to acknowledge CHRISTIAN MINA and Stefan Sterz (@0x7374) of Secure Mobile Networking Lab at TU Darmstadt and Industrial Software at TU Wien for their assistance.\n\n**CoreCapture**\n\nWe would like to acknowledge Zuozhi Fan (@pattern_F_) of Ant-financial TianQiong Security Lab for their assistance.\n\n**ImageIO**\n\nWe would like to acknowledge Jzhu working with Trend Micro Zero Day Initiative and an anonymous researcher for their assistance.\n\n**Kernel**\n\nWe would like to acknowledge Saar Amar (@AmarSaar) for their assistance.\n\n**Mail Drafts**\n\nWe would like to acknowledge Lauritz Holtmann (@_lauritz_) for their assistance.\n\n**NetworkExtension**\n\nWe would like to acknowledge Matthias Ortmann of Secure Mobile Networking Lab for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Chris Salls (@salls) of Makai Security for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: May 25, 2022\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-05-24T00:00:00", "type": "apple", "title": "About the security content of iOS 14.6 and iPadOS 14.6", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1821", "CVE-2021-21779", "CVE-2021-23841", "CVE-2021-30667", "CVE-2021-30674", "CVE-2021-30677", "CVE-2021-30681", "CVE-2021-30682", "CVE-2021-30685", "CVE-2021-30686", "CVE-2021-30687", "CVE-2021-30689", "CVE-2021-30691", "CVE-2021-30692", "CVE-2021-30693", "CVE-2021-30694", "CVE-2021-30695", "CVE-2021-30697", "CVE-2021-30698", "CVE-2021-30699", "CVE-2021-30700", "CVE-2021-30701", "CVE-2021-30703", "CVE-2021-30704", "CVE-2021-30705", "CVE-2021-30706", "CVE-2021-30707", "CVE-2021-30708", "CVE-2021-30709", "CVE-2021-30710", "CVE-2021-30714", "CVE-2021-30715", "CVE-2021-30720", "CVE-2021-30723", "CVE-2021-30724", "CVE-2021-30725", "CVE-2021-30727", "CVE-2021-30729", "CVE-2021-30733", "CVE-2021-30734", "CVE-2021-30736", "CVE-2021-30737", "CVE-2021-30740", "CVE-2021-30741", "CVE-2021-30744", "CVE-2021-30746", "CVE-2021-30749", "CVE-2021-30753", "CVE-2021-30756", "CVE-2021-30771", "CVE-2021-30999"], "modified": "2021-05-24T00:00:00", "id": "APPLE:8592A5882F33472850FF959BB2667129", "href": "https://support.apple.com/kb/HT212528", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-07-25T06:06:17", "description": "# About the security content of macOS Big Sur 11.4\n\nThis document describes the security content of macOS Big Sur 11.4.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## macOS Big Sur 11.4\n\nReleased May 24, 2021\n\n**AMD**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30678: Yu Wang of Didi Research America\n\n**AMD**\n\nAvailable for: macOS Big Sur\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30676: shrek_wzw\n\n**App Store**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A path handling issue was addressed with improved validation.\n\nCVE-2021-30688: Thijs Alkemade of Computest Research Division\n\n**AppleScript**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may bypass Gatekeeper checks\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30669: Yair Hoffman\n\n**Audio**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30707: hjy79425575 working with Trend Micro Zero Day Initiative\n\n**Audio**\n\nAvailable for: macOS Big Sur\n\nImpact: Parsing a maliciously crafted audio file may lead to disclosure of user information\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30685: Mickey Jin (@patch1t) of Trend Micro\n\n**Bluetooth**\n\nAvailable for: macOS Big Sur\n\nImpact: A memory corruption issue was addressed with improved state management\n\nDescription: A malicious application may be able to gain root privileges\n\nCVE-2021-30672: say2 of ENKI\n\nEntry added July 21, 2021\n\n**Core Services**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2021-30681: Zhongcheng Li (CK01)\n\n**CoreAudio**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted audio file may disclose restricted memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30686: Mickey Jin of Trend Micro\n\n**CoreText**\n\nAvailable for: macOS Big Sur\n\nImpact: An out-of-bounds read was addressed with improved input validation\n\nDescription: Processing a maliciously crafted font may result in the disclosure of process memory.\n\nCVE-2021-30733: Sunglin from the Knownsec 404\n\nCVE-2021-30753: Xingwei Lin of Ant Security Light-Year Lab\n\nEntry added July 21, 2021\n\n**Crash Reporter**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30727: Cees Elzinga\n\n**CVMS**\n\nAvailable for: macOS Big Sur\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30724: Mickey Jin (@patch1t) of Trend Micro\n\n**Dock**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to access a user's call history\n\nDescription: An access issue was addressed with improved access restrictions.\n\nCVE-2021-30673: Josh Parnham (@joshparnham)\n\n**FontParser**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write was addressed with improved input validation.\n\nCVE-2021-30771: Mickey Jin (@patch1t) of Trend Micro, CFF of Topsec Alpha Team\n\nEntry added January 19, 2022\n\n**FontParser**\n\nAvailable for: macOS Big Sur\n\nImpact: An out-of-bounds read was addressed with improved input validation\n\nDescription: Processing a maliciously crafted font may result in the disclosure of process memory\n\nCVE-2021-30755: Xingwei Lin of Ant Security Light-Year Lab\n\nEntry added July 21, 2021\n\n**Graphics Drivers**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote attacker may cause an unexpected application termination or arbitrary code execution\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30684: Liu Long of Ant Security Light-Year Lab\n\n**Graphics Drivers**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-30735: Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative\n\n**Heimdal**\n\nAvailable for: macOS Big Sur\n\nImpact: A local user may be able to leak sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30697: Gabe Kirkpatrick (@gabe_k)\n\n**Heimdal**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may cause a denial of service or potentially disclose memory contents\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-30710: Gabe Kirkpatrick (@gabe_k)\n\n**Heimdal**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application could execute arbitrary code leading to compromise of user information\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-30683: Gabe Kirkpatrick (@gabe_k)\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted image may lead to disclosure of user information\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30687: Hou JingYi (@hjy79425575) of Qihoo 360\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted image may lead to disclosure of user information\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30700: Ye Zhang(@co0py_Cat) of Baidu Security\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30701: Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted ASTC file may disclose memory contents\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30705: Ye Zhang of Baidu Security\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: This issue was addressed with improved checks\n\nDescription: Processing a maliciously crafted image may lead to disclosure of user information.\n\nCVE-2021-30706: Anonymous working with Trend Micro Zero Day Initiative, Jzhu working with Trend Micro Zero Day Initiative\n\nEntry added July 21, 2021\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Big Sur\n\nImpact: A local user may be able to cause unexpected system termination or read kernel memory\n\nDescription: An out-of-bounds read issue was addressed by removing the vulnerable code.\n\nCVE-2021-30719: an anonymous researcher working with Trend Micro Zero Day Initiative\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2021-30728: Liu Long of Ant Security Light-Year Lab\n\nCVE-2021-30726: Yinyi Wu(@3ndy1) of Qihoo 360 Vulcan Team\n\n**IOUSBHostFamily**\n\nAvailable for: macOS Big Sur\n\nImpact: This issue was addressed with improved checks\n\nDescription: An unprivileged application may be able to capture USB devices.\n\nCVE-2021-30731: UTM (@UTMapp)\n\nEntry added July 21, 2021\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2021-30740: Linus Henze (pinauten.de)\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30704: an anonymous researcher\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30715: The UK's National Cyber Security Centre (NCSC)\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved size validation.\n\nCVE-2021-30736: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2021-30739: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: A double free issue was addressed with improved memory management\n\nDescription: An application may be able to execute arbitrary code with kernel privileges.\n\nCVE-2021-30703: an anonymous researcher\n\nEntry added July 21, 2021\n\n**Kext Management**\n\nAvailable for: macOS Big Sur\n\nImpact: A local user may be able to load unsigned kernel extensions\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30680: Csaba Fitzl (@theevilbit) of Offensive Security\n\n**LaunchServices**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: This issue was addressed with improved environment sanitization.\n\nCVE-2021-30677: Ron Waisberg (@epsilan)\n\n**Login Window**\n\nAvailable for: macOS Big Sur\n\nImpact: A person with physical access to a Mac may be able to bypass Login Window\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30702: Jewel Lambert of Original Spin, LLC.\n\n**Mail**\n\nAvailable for: macOS Big Sur\n\nImpact: An attacker in a privileged network position may be able to misrepresent application state\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30696: Fabian Ising and Damian Poddebniak of M\u00fcnster University of Applied Sciences\n\n**MediaRemote**\n\nAvailable for: macOS Big Sur\n\nImpact: A privacy issue in Now Playing was addressed with improved permissions\n\nDescription: A local attacker may be able to view Now Playing information from the lock screen.\n\nCVE-2021-30756: Ricky D'Amelio, Jatayu Holznagel (@jholznagel)\n\nEntry added July 21, 2021\n\n**Model I/O**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted USD file may disclose memory contents\n\nDescription: An information disclosure issue was addressed with improved state management.\n\nCVE-2021-30723: Mickey Jin (@patch1t) of Trend Micro\n\nCVE-2021-30691: Mickey Jin (@patch1t) of Trend Micro\n\nCVE-2021-30692: Mickey Jin (@patch1t) of Trend Micro\n\nCVE-2021-30694: Mickey Jin (@patch1t) of Trend Micro\n\n**Model I/O**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-30725: Mickey Jin (@patch1t) of Trend Micro\n\n**Model I/O**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted USD file may disclose memory contents\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-30746: Mickey Jin (@patch1t) of Trend Micro\n\n**Model I/O**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-30693: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro\n\n**Model I/O**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted USD file may disclose memory contents\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2021-30695: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro\n\n**Model I/O**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2021-30708: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro\n\n**Model I/O**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted USD file may disclose memory contents\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30709: Mickey Jin (@patch1t) of Trend Micro\n\n**NSOpenPanel**\n\nAvailable for: macOS Big Sur\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: This issue was addressed by removing the vulnerable code.\n\nCVE-2021-30679: Gabe Kirkpatrick (@gabe_k)\n\n**OpenLDAP**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2020-36226\n\nCVE-2020-36227\n\nCVE-2020-36223\n\nCVE-2020-36224\n\nCVE-2020-36225\n\nCVE-2020-36221\n\nCVE-2020-36228\n\nCVE-2020-36222\n\nCVE-2020-36230\n\nCVE-2020-36229\n\n**PackageKit**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to overwrite arbitrary files\n\nDescription: An issue with path validation logic for hardlinks was addressed with improved path sanitization.\n\nCVE-2021-30738: Qingyang Chen of Topsec Alpha Team and Csaba Fitzl (@theevilbit) of Offensive Security\n\n**Sandbox**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to bypass certain Privacy preferences\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2021-30751: Csaba Fitzl (@theevilbit) of Offensive Security\n\nEntry added July 21, 2021\n\n**Security**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted certificate may lead to arbitrary code execution\n\nDescription: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.\n\nCVE-2021-30737: xerub\n\n**smbx**\n\nAvailable for: macOS Big Sur\n\nImpact: An attacker in a privileged network position may be able to perform denial of service\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30716: Aleksandar Nikolic of Cisco Talos\n\n**smbx**\n\nAvailable for: macOS Big Sur\n\nImpact: An attacker in a privileged network position may be able to execute arbitrary code\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2021-30717: Aleksandar Nikolic of Cisco Talos\n\n**smbx**\n\nAvailable for: macOS Big Sur\n\nImpact: An attacker in a privileged network position may be able to leak sensitive user information\n\nDescription: A path handling issue was addressed with improved validation.\n\nCVE-2021-30721: Aleksandar Nikolic of Cisco Talos\n\n**smbx**\n\nAvailable for: macOS Big Sur\n\nImpact: An attacker in a privileged network position may be able to leak sensitive user information\n\nDescription: An information disclosure issue was addressed with improved state management.\n\nCVE-2021-30722: Aleksandar Nikolic of Cisco Talos\n\n**smbx**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30712: Aleksandar Nikolic of Cisco Talos\n\n**Software Update**\n\nAvailable for: macOS Big Sur\n\nImpact: A person with physical access to a Mac may be able to bypass Login Window during a software update\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30668: Syrus Kimiagar and Danilo Paffi Monteiro\n\n**SoftwareUpdate**\n\nAvailable for: macOS Big Sur\n\nImpact: A non-privileged user may be able to modify restricted settings\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-30718: SiQian Wei of ByteDance Security\n\n**TCC**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to send unauthorized Apple events to Finder\n\nDescription: A validation issue was addressed with improved logic.\n\nCVE-2021-30671: Ryan Bell (@iRyanBell)\n\n**TCC**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited.\n\nDescription: A permissions issue was addressed with improved validation.\n\nCVE-2021-30713: an anonymous researcher\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A cross-origin issue with iframe elements was addressed with improved tracking of security origins.\n\nCVE-2021-30744: Dan Hite of jsontop\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2021-21779: Marcin Towalski of Cisco Talos\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious application may be able to leak sensitive user information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30682: Prakash (@1lastBr3ath)\n\nEntry updated July 21, 2021\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2021-30689: an anonymous researcher\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab, ASU. working with Trend Micro Zero Day Initiative\n\nCVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: macOS Big Sur\n\nImpact: A malicious website may be able to access restricted ports on arbitrary servers\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2021-30720: David Sch\u00fctz (@xdavidhu)\n\n**WebRTC**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A null pointer dereference was addressed with improved input validation.\n\nCVE-2021-23841: Tavis Ormandy of Google\n\nCVE-2021-30698: Tavis Ormandy of Google\n\n\n\n## Additional recognition\n\n**App Store**\n\nWe would like to acknowledge Thijs Alkemade of Computest Research Division for their assistance.\n\n**CoreCapture**\n\nWe would like to acknowledge Zuozhi Fan (@pattern_F_) of Ant-financial TianQiong Security Lab for their assistance.\n\n**ImageIO**\n\nWe would like to acknowledge Jzhu working with Trend Micro Zero Day Initiative and an anonymous researcher for their assistance.\n\n**Mail Drafts**\n\nWe would like to acknowledge Lauritz Holtmann (@_lauritz_) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Chris Salls (@salls) of Makai Security for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: January 19, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-24T00:00:00", "type": "apple", "title": "About the security content of macOS Big Sur 11.4", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36221", "CVE-2020-36222", "CVE-2020-36223", "CVE-2020-36224", "CVE-2020-36225", "CVE-2020-36226", "CVE-2020-36227", "CVE-2020-36228", "CVE-2020-36229", "CVE-2020-36230", "CVE-2021-21779", "CVE-2021-23841", "CVE-2021-30668", "CVE-2021-30669", "CVE-2021-30671", "CVE-2021-30672", "CVE-2021-30673", "CVE-2021-30676", "CVE-2021-30677", "CVE-2021-30678", "CVE-2021-30679", "CVE-2021-30680", "CVE-2021-30681", "CVE-2021-30682", "CVE-2021-30683", "CVE-2021-30684", "CVE-2021-30685", "CVE-2021-30686", "CVE-2021-30687", "CVE-2021-30688", "CVE-2021-30689", "CVE-2021-30691", "CVE-2021-30692", "CVE-2021-30693", "CVE-2021-30694", "CVE-2021-30695", "CVE-2021-30696", "CVE-2021-30697", "CVE-2021-30698", "CVE-2021-30700", "CVE-2021-30701", "CVE-2021-30702", "CVE-2021-30703", "CVE-2021-30704", "CVE-2021-30705", "CVE-2021-30706", "CVE-2021-30707", "CVE-2021-30708", "CVE-2021-30709", "CVE-2021-30710", "CVE-2021-30712", "CVE-2021-30713", "CVE-2021-30715", "CVE-2021-30716", "CVE-2021-30717", "CVE-2021-30718", "CVE-2021-30719", "CVE-2021-30720", "CVE-2021-30721", "CVE-2021-30722", "CVE-2021-30723", "CVE-2021-30724", "CVE-2021-30725", "CVE-2021-30726", "CVE-2021-30727", "CVE-2021-30728", "CVE-2021-30731", "CVE-2021-30733", "CVE-2021-30734", "CVE-2021-30735", "CVE-2021-30736", "CVE-2021-30737", "CVE-2021-30738", "CVE-2021-30739", "CVE-2021-30740", "CVE-2021-30744", "CVE-2021-30746", "CVE-2021-30749", "CVE-2021-30751", "CVE-2021-30753", "CVE-2021-30755", "CVE-2021-30756", "CVE-2021-30771"], "modified": "2021-05-24T00:00:00", "id": "APPLE:B08BBADEFC88806E12CB234F1EB6C4C6", "href": "https://support.apple.com/kb/HT212529", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-18T14:41:22", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4381 advisory.\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30665)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30758)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : GNOME (RLSA-2021:4381)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:libraw", "p-cpe:/a:rocky:linux:libraw-debuginfo", "p-cpe:/a:rocky:linux:libraw-debugsource", "p-cpe:/a:rocky:linux:libraw-devel", "p-cpe:/a:rocky:linux:libraw-samples", "p-cpe:/a:rocky:linux:libraw-samples-debuginfo", "p-cpe:/a:rocky:linux:libraw-static", "p-cpe:/a:rocky:linux:accountsservice", "p-cpe:/a:rocky:linux:accountsservice-debuginfo", "p-cpe:/a:rocky:linux:accountsservice-debugsource", "p-cpe:/a:rocky:linux:accountsservice-devel", "p-cpe:/a:rocky:linux:accountsservice-libs", "p-cpe:/a:rocky:linux:accountsservice-libs-debuginfo", "p-cpe:/a:rocky:linux:gdm", "p-cpe:/a:rocky:linux:gdm-debuginfo", "p-cpe:/a:rocky:linux:gdm-debugsource", "p-cpe:/a:rocky:linux:gdm-pam-extensions-devel", "p-cpe:/a:rocky:linux:gnome-autoar", "p-cpe:/a:rocky:linux:gnome-autoar-debuginfo", "p-cpe:/a:rocky:linux:gnome-autoar-debugsource", "p-cpe:/a:rocky:linux:gnome-autoar-devel", "p-cpe:/a:rocky:linux:gnome-calculator", "p-cpe:/a:rocky:linux:gnome-calculator-debuginfo", "p-cpe:/a:rocky:linux:gnome-calculator-debugsource", "p-cpe:/a:rocky:linux:gnome-classic-session", "p-cpe:/a:rocky:linux:gnome-control-center", "p-cpe:/a:rocky:linux:gnome-control-center-debuginfo", "p-cpe:/a:rocky:linux:gnome-control-center-debugsource", "p-cpe:/a:rocky:linux:gnome-control-center-filesystem", "p-cpe:/a:rocky:linux:gnome-online-accounts", "p-cpe:/a:rocky:linux:gnome-online-accounts-debuginfo", "p-cpe:/a:rocky:linux:gnome-online-accounts-debugsource", "p-cpe:/a:rocky:linux:gnome-online-accounts-devel", "p-cpe:/a:rocky:linux:gnome-session", "p-cpe:/a:rocky:linux:gnome-session-debuginfo", "p-cpe:/a:rocky:linux:gnome-session-debugsource", "p-cpe:/a:rocky:linux:gnome-session-kiosk-session", "p-cpe:/a:rocky:linux:gnome-session-wayland-session", "p-cpe:/a:rocky:linux:gnome-session-xsession", "p-cpe:/a:rocky:linux:gnome-settings-daemon", "p-cpe:/a:rocky:linux:gnome-settings-daemon-debuginfo", "p-cpe:/a:rocky:linux:gnome-settings-daemon-debugsource", "p-cpe:/a:rocky:linux:gnome-settings-daemon-devel", "p-cpe:/a:rocky:linux:gnome-shell", "p-cpe:/a:rocky:linux:gnome-shell-debuginfo", "p-cpe:/a:rocky:linux:gnome-shell-debugsource", "p-cpe:/a:rocky:linux:gnome-shell-extension-apps-menu", "p-cpe:/a:rocky:linux:gnome-shell-extension-auto-move-windows", "p-cpe:/a:rocky:linux:gnome-shell-extension-common", "p-cpe:/a:rocky:linux:gnome-shell-extension-dash-to-dock", "p-cpe:/a:rocky:linux:gnome-shell-extension-desktop-icons", "p-cpe:/a:rocky:linux:gnome-shell-extension-disable-screenshield", "p-cpe:/a:rocky:linux:gnome-shell-extension-drive-menu", "p-cpe:/a:rocky:linux:gnome-shell-extension-gesture-inhibitor", "p-cpe:/a:rocky:linux:gnome-shell-extension-heads-up-display", "p-cpe:/a:rocky:linux:gnome-shell-extension-horizontal-workspaces", "p-cpe:/a:rocky:linux:gnome-shell-extension-launch-new-instance", "p-cpe:/a:rocky:linux:gnome-shell-extension-native-window-placement", "p-cpe:/a:rocky:linux:gnome-shell-extension-no-hot-corner", "p-cpe:/a:rocky:linux:gnome-shell-extension-panel-favorites", "p-cpe:/a:rocky:linux:gnome-shell-extension-places-menu", "p-cpe:/a:rocky:linux:gnome-shell-extension-screenshot-window-sizer", "p-cpe:/a:rocky:linux:gnome-shell-extension-systemmonitor", "p-cpe:/a:rocky:linux:gnome-shell-extension-top-icons", "p-cpe:/a:rocky:linux:gnome-shell-extension-updates-dialog", "p-cpe:/a:rocky:linux:gnome-shell-extension-user-theme", "p-cpe:/a:rocky:linux:gnome-shell-extension-window-grouper", "p-cpe:/a:rocky:linux:gnome-shell-extension-window-list", "p-cpe:/a:rocky:linux:gnome-shell-extension-windowsnavigator", "p-cpe:/a:rocky:linux:gnome-shell-extension-workspace-indicator", "p-cpe:/a:rocky:linux:gnome-software", "p-cpe:/a:rocky:linux:gnome-software-debuginfo", "p-cpe:/a:rocky:linux:gnome-software-debugsource", "p-cpe:/a:rocky:linux:gnome-software-devel", "p-cpe:/a:rocky:linux:gsettings-desktop-schemas", "p-cpe:/a:rocky:linux:gsettings-desktop-schemas-devel", "p-cpe:/a:rocky:linux:gtk-update-icon-cache", "p-cpe:/a:rocky:linux:gtk-update-icon-cache-debuginfo", "p-cpe:/a:rocky:linux:gtk3", "p-cpe:/a:rocky:linux:gtk3-debuginfo", "p-cpe:/a:rocky:linux:gtk3-debugsource", "p-cpe:/a:rocky:linux:gtk3-devel", "p-cpe:/a:rocky:linux:gtk3-devel-debuginfo", "p-cpe:/a:rocky:linux:gtk3-immodule-xim", "p-cpe:/a:rocky:linux:gtk3-immodule-xim-debuginfo", "p-cpe:/a:rocky:linux:gtk3-immodules", "p-cpe:/a:rocky:linux:gtk3-immodules-debuginfo", "p-cpe:/a:rocky:linux:gtk3-tests", "p-cpe:/a:rocky:linux:gtk3-tests-debuginfo", "p-cpe:/a:rocky:linux:mutter", "p-cpe:/a:rocky:linux:mutter-debuginfo", "p-cpe:/a:rocky:linux:mutter-debugsource", "p-cpe:/a:rocky:linux:mutter-devel", "p-cpe:/a:rocky:linux:vino", "p-cpe:/a:rocky:linux:vino-debuginfo", "p-cpe:/a:rocky:linux:vino-debugsource", "p-cpe:/a:rocky:linux:webkit2gtk3", "p-cpe:/a:rocky:linux:webkit2gtk3-debuginfo", "p-cpe:/a:rocky:linux:webkit2gtk3-debugsource", "p-cpe:/a:rocky:linux:webkit2gtk3-devel", "p-cpe:/a:rocky:linux:webkit2gtk3-devel-debuginfo", "p-cpe:/a:rocky:linux:webkit2gtk3-jsc", "p-cpe:/a:rocky:linux:webkit2gtk3-jsc-debuginfo", "p-cpe:/a:rocky:linux:webkit2gtk3-jsc-devel", "p-cpe:/a:rocky:linux:webkit2gtk3-jsc-devel-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2021-4381.NASL", "href": "https://www.tenable.com/plugins/nessus/157823", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2021:4381.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157823);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-21775\",\n \"CVE-2021-21779\",\n \"CVE-2021-21806\",\n \"CVE-2021-30663\",\n \"CVE-2021-30665\",\n \"CVE-2021-30682\",\n \"CVE-2021-30689\",\n \"CVE-2021-30720\",\n \"CVE-2021-30734\",\n \"CVE-2021-30744\",\n \"CVE-2021-30749\",\n \"CVE-2021-30758\",\n \"CVE-2021-30795\",\n \"CVE-2021-30797\",\n \"CVE-2021-30799\"\n );\n script_xref(name:\"RLSA\", value:\"2021:4381\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0212-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0349-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Rocky Linux 8 : GNOME (RLSA-2021:4381)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2021:4381 advisory.\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of\n Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further\n memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a\n malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in\n WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory\n corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially\n crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim\n needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and\n iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS\n 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30665)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content\n may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access\n restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security\n origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4,\n watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari\n 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to\n arbitrary code execution. (CVE-2021-30758)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7,\n Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big\n Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2021:4381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1651378\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1770302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1791478\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1813727\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1854679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1873297\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1873488\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1888404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1894613\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1897932\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1904139\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1905000\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1909300\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1914925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1924725\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1925640\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1928794\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1928886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1935261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1937416\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1937866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1938937\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1940026\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1944323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1944329\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1944333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1944337\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1944340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1944343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1944350\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1944859\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1944862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1944867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1949176\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1951086\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1952136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1955754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1957705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1960705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1962049\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1971507\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1971534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1972545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1978287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1978505\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1978612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1980441\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1980661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1981420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986863\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986874\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986883\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986892\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1986906\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1987233\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1989035\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1998989\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1999120\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2004170\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30799\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw-samples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw-samples-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:accountsservice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:accountsservice-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:accountsservice-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:accountsservice-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:accountsservice-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:accountsservice-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gdm-pam-extensions-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-autoar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-autoar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-autoar-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-autoar-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-calculator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-calculator-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-calculator-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-classic-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-control-center\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-control-center-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-control-center-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-control-center-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-online-accounts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-online-accounts-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-online-accounts-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-online-accounts-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session-kiosk-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session-wayland-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session-xsession\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-settings-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-settings-daemon-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-settings-daemon-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-apps-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-auto-move-windows\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-dash-to-dock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-disable-screenshield\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-drive-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-gesture-inhibitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-heads-up-display\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-horizontal-workspaces\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-launch-new-instance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-native-window-placement\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-no-hot-corner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-panel-favorites\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-places-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-screenshot-window-sizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-systemMonitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-top-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-updates-dialog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-user-theme\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-window-grouper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-window-list\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-windowsNavigator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-shell-extension-workspace-indicator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-software\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-software-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-software-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-software-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gsettings-desktop-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gsettings-desktop-schemas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk-update-icon-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk-update-icon-cache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-immodule-xim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-immodule-xim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-immodules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-immodules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:mutter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:mutter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:mutter-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:mutter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vino\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vino-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vino-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-jsc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webkit2gtk3-jsc-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'accountsservice-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-debuginfo-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-debuginfo-0.6.55-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-debuginfo-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-debugsource-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-debugsource-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.55-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-debuginfo-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-debuginfo-0.6.55-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-debuginfo-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-40.0-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-40.0-15.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-40.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-debuginfo-40.0-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-debuginfo-40.0-15.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-debuginfo-40.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-debugsource-40.0-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-debugsource-40.0-15.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-debugsource-40.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-pam-extensions-devel-40.0-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-pam-extensions-devel-40.0-15.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-pam-extensions-devel-40.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-0.2.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-0.2.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-0.2.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-debuginfo-0.2.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-debuginfo-0.2.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-debuginfo-0.2.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-debugsource-0.2.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-debugsource-0.2.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-debugsource-0.2.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-devel-0.2.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-devel-0.2.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-devel-0.2.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-3.28.2-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-3.28.2-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-debuginfo-3.28.2-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-debuginfo-3.28.2-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-debugsource-3.28.2-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-debugsource-3.28.2-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-classic-session-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-classic-session-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-3.28.2-28.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-3.28.2-28.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-debuginfo-3.28.2-28.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-debuginfo-3.28.2-28.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-debugsource-3.28.2-28.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-debugsource-3.28.2-28.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-filesystem-3.28.2-28.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-3.28.2-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-3.28.2-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-3.28.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-debuginfo-3.28.2-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-debuginfo-3.28.2-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-debuginfo-3.28.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-debugsource-3.28.2-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-debugsource-3.28.2-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-debugsource-3.28.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-devel-3.28.2-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-devel-3.28.2-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-devel-3.28.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-3.28.1-13.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-debuginfo-3.28.1-13.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-debuginfo-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-debugsource-3.28.1-13.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-debugsource-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-kiosk-session-3.28.1-13.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-kiosk-session-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-wayland-session-3.28.1-13.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-wayland-session-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-xsession-3.28.1-13.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-xsession-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-16.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-16.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-16.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-debuginfo-3.32.0-16.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-debuginfo-3.32.0-16.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-debuginfo-3.32.0-16.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-debugsource-3.32.0-16.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-debugsource-3.32.0-16.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-debugsource-3.32.0-16.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-devel-3.32.0-16.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-devel-3.32.0-16.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-devel-3.32.0-16.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-3.32.2-40.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-3.32.2-40.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-debuginfo-3.32.2-40.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-debuginfo-3.32.2-40.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-debugsource-3.32.2-40.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-debugsource-3.32.2-40.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-apps-menu-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-apps-menu-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-auto-move-windows-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-auto-move-windows-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-common-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-common-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-dash-to-dock-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-dash-to-dock-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-desktop-icons-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-desktop-icons-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-disable-screenshield-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-disable-screenshield-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-drive-menu-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-drive-menu-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-gesture-inhibitor-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-gesture-inhibitor-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-heads-up-display-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-heads-up-display-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-horizontal-workspaces-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-horizontal-workspaces-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-launch-new-instance-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-launch-new-instance-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-native-window-placement-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-native-window-placement-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-no-hot-corner-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-no-hot-corner-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-panel-favorites-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-panel-favorites-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-places-menu-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-places-menu-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-screenshot-window-sizer-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-screenshot-window-sizer-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-systemMonitor-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-systemMonitor-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-top-icons-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-top-icons-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-updates-dialog-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-updates-dialog-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-user-theme-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-user-theme-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-grouper-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-grouper-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-list-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-list-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-windowsNavigator-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-windowsNavigator-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-workspace-indicator-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-workspace-indicator-3.32.1-20.el8_5.1', 'release':'8', 'el_string':'el8_5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.36.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.36.1-10.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.36.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-debuginfo-3.36.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-debuginfo-3.36.1-10.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-debuginfo-3.36.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-debugsource-3.36.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-debugsource-3.36.1-10.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-debugsource-3.36.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-devel-3.36.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-devel-3.36.1-10.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-devel-3.36.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-debuginfo-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-debuginfo-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debuginfo-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debuginfo-3.22.30-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debuginfo-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debugsource-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debugsource-3.22.30-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debugsource-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-debuginfo-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-debuginfo-3.22.30-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-debuginfo-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-debuginfo-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-debuginfo-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodules-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodules-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodules-debuginfo-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodules-debuginfo-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-tests-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-tests-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-tests-debuginfo-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-tests-debuginfo-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-debuginfo-0.19.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-debuginfo-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-debuginfo-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-debugsource-0.19.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-debugsource-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-debugsource-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-samples-0.19.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-samples-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-samples-debuginfo-0.19.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-samples-debuginfo-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-static-0.19.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-static-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-static-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-60.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-60.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-60.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-debuginfo-3.32.2-60.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-debuginfo-3.32.2-60.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-debuginfo-3.32.2-60.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-debugsource-3.32.2-60.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-debugsource-3.32.2-60.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-debugsource-3.32.2-60.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-60.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-60.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-60.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-3.22.0-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-3.22.0-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-debuginfo-3.22.0-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-debuginfo-3.22.0-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-debugsource-3.22.0-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-debugsource-3.22.0-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debuginfo-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debuginfo-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debuginfo-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debugsource-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debugsource-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-debugsource-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-debuginfo-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-debuginfo-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-debuginfo-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-debuginfo-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-debuginfo-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-debuginfo-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-debuginfo-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-debuginfo-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-debuginfo-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-debuginfo / LibRaw-debugsource / LibRaw-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:29:21", "description": "According to its banner, the version of Apple TV on the remote device is prior to 14.6. It is therefore affected by multiple vulnerabilities as described in the HT212532, including:\n\n - Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30665)\n\n - Processing a maliciously crafted audio file may lead to arbitrary code execution (CVE-2021-30707)\n\n - Processing maliciously crafted web content may lead to universal cross site scripting (CVE-2021-30689)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-27T00:00:00", "type": "nessus", "title": "Apple TV < 14.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-21779", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30677", "CVE-2021-30682", "CVE-2021-30685", "CVE-2021-30686", "CVE-2021-30687", "CVE-2021-30689", "CVE-2021-30697", "CVE-2021-30700", "CVE-2021-30701", "CVE-2021-30704", "CVE-2021-30705", "CVE-2021-30707", "CVE-2021-30710", "CVE-2021-30715", "CVE-2021-30720", "CVE-2021-30724", "CVE-2021-30727", "CVE-2021-30734", "CVE-2021-30736", "CVE-2021-30737", "CVE-2021-30740", "CVE-2021-30744", "CVE-2021-30749"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "APPLETV_14_6.NASL", "href": "https://www.tenable.com/plugins/nessus/149992", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149992);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-21779\",\n \"CVE-2021-30663\",\n \"CVE-2021-30665\",\n \"CVE-2021-30677\",\n \"CVE-2021-30682\",\n \"CVE-2021-30685\",\n \"CVE-2021-30686\",\n \"CVE-2021-30687\",\n \"CVE-2021-30689\",\n \"CVE-2021-30697\",\n \"CVE-2021-30700\",\n \"CVE-2021-30701\",\n \"CVE-2021-30704\",\n \"CVE-2021-30705\",\n \"CVE-2021-30707\",\n \"CVE-2021-30710\",\n \"CVE-2021-30715\",\n \"CVE-2021-30720\",\n \"CVE-2021-30724\",\n \"CVE-2021-30727\",\n \"CVE-2021-30734\",\n \"CVE-2021-30736\",\n \"CVE-2021-30737\",\n \"CVE-2021-30740\",\n \"CVE-2021-30744\",\n \"CVE-2021-30749\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT212532\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2021-05-20\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Apple TV < 14.6 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apple TV device is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apple TV on the remote device is prior to 14.6. It is therefore affected by\nmultiple vulnerabilities as described in the HT212532, including:\n\n - Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30665)\n\n - Processing a maliciously crafted audio file may lead to arbitrary code execution (CVE-2021-30707)\n\n - Processing maliciously crafted web content may lead to universal cross site scripting (CVE-2021-30689)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT212532\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple TV version 14.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30740\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-30749\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:apple_tv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"appletv_version.nasl\");\n script_require_keys(\"AppleTV/Version\", \"AppleTV/Model\", \"AppleTV/URL\", \"AppleTV/Port\");\n script_require_ports(\"Services/www\", 7000);\n\n exit(0);\n}\n\ninclude('appletv_func.inc');\n\nvar url, port, build, model, fixed_build, gen, tvos_ver;\n\nurl = get_kb_item_or_exit('AppleTV/URL', msg:'Cannot determine Apple TV URL.');\n\nport = get_kb_item_or_exit('AppleTV/Port', msg:'Cannot determine Apple TV port.');\n\nbuild = get_kb_item_or_exit('AppleTV/Version', msg:'Cannot determine Apple TV version.');\n\nmodel = get_kb_item_or_exit('AppleTV/Model', msg:'Cannot determine Apple TV model.');\n\nfixed_build = '18L569';\ntvos_ver = '14.6';\n\n# determine gen from the model\ngen = APPLETV_MODEL_GEN[model];\n\nappletv_check_version(\n build : build,\n fix : fixed_build,\n affected_gen : make_list(4, 5, 6),\n fix_tvos_ver : tvos_ver,\n model : model,\n gen : gen,\n port : port,\n url : url,\n severity : SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:58:20", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4381 advisory.\n\n - webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558)\n\n - LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918, CVE-2021-1788, CVE-2021-30795)\n\n - webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623)\n\n - CVE-2021-28650 gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete fix) (CVE-2020-36241)\n\n - webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765, CVE-2021-1801)\n\n - webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789)\n\n - webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799)\n\n - webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844)\n\n - webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870, CVE-2021-1871)\n\n - webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775)\n\n - webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779)\n\n - webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806)\n\n - gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650)\n\n - webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665)\n\n - webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682)\n\n - webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689)\n\n - webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720)\n\n - webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734, CVE-2021-30749, CVE-2021-30799)\n\n - webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758)\n\n - webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "CentOS 8 : GNOME (CESA-2021:4381)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13558", "CVE-2020-24870", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-36241", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-28650", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:libraw", "p-cpe:/a:centos:centos:libraw-devel", "p-cpe:/a:centos:centos:accountsservice", "p-cpe:/a:centos:centos:accountsservice-devel", "p-cpe:/a:centos:centos:accountsservice-libs", "p-cpe:/a:centos:centos:gnome-autoar", "p-cpe:/a:centos:centos:gnome-calculator", "p-cpe:/a:centos:centos:gnome-classic-session", "p-cpe:/a:centos:centos:gnome-control-center", "p-cpe:/a:centos:centos:gnome-control-center-filesystem", "p-cpe:/a:centos:centos:gnome-online-accounts", "p-cpe:/a:centos:centos:gnome-online-accounts-devel", "p-cpe:/a:centos:centos:gnome-session", "p-cpe:/a:centos:centos:gnome-session-kiosk-session", "p-cpe:/a:centos:centos:gnome-session-wayland-session", "p-cpe:/a:centos:centos:gnome-session-xsession", "p-cpe:/a:centos:centos:gnome-settings-daemon", "p-cpe:/a:centos:centos:gnome-shell", "p-cpe:/a:centos:centos:gnome-shell-extension-apps-menu", "p-cpe:/a:centos:centos:gnome-shell-extension-auto-move-windows", "p-cpe:/a:centos:centos:gnome-shell-extension-common", "p-cpe:/a:centos:centos:gnome-shell-extension-dash-to-dock", "p-cpe:/a:centos:centos:gnome-shell-extension-desktop-icons", "p-cpe:/a:centos:centos:gnome-shell-extension-disable-screenshield", "p-cpe:/a:centos:centos:gnome-shell-extension-drive-menu", "p-cpe:/a:centos:centos:gnome-shell-extension-gesture-inhibitor", "p-cpe:/a:centos:centos:gnome-shell-extension-horizontal-workspaces", "p-cpe:/a:centos:centos:gnome-shell-extension-launch-new-instance", "p-cpe:/a:centos:centos:gnome-shell-extension-native-window-placement", "p-cpe:/a:centos:centos:gnome-shell-extension-no-hot-corner", "p-cpe:/a:centos:centos:gnome-shell-extension-panel-favorites", "p-cpe:/a:centos:centos:gnome-shell-extension-places-menu", "p-cpe:/a:centos:centos:gnome-shell-extension-screenshot-window-sizer", "p-cpe:/a:centos:centos:gnome-shell-extension-systemmonitor", "p-cpe:/a:centos:centos:gnome-shell-extension-top-icons", "p-cpe:/a:centos:centos:gnome-shell-extension-updates-dialog", "p-cpe:/a:centos:centos:gnome-shell-extension-user-theme", "p-cpe:/a:centos:centos:gnome-shell-extension-window-grouper", "p-cpe:/a:centos:centos:gnome-shell-extension-window-list", "p-cpe:/a:centos:centos:gnome-shell-extension-windowsnavigator", "p-cpe:/a:centos:centos:gnome-shell-extension-workspace-indicator", "p-cpe:/a:centos:centos:gnome-software", "p-cpe:/a:centos:centos:gnome-software-devel", "p-cpe:/a:centos:centos:gsettings-desktop-schemas", "p-cpe:/a:centos:centos:gsettings-desktop-schemas-devel", "p-cpe:/a:centos:centos:gtk-update-icon-cache", "p-cpe:/a:centos:centos:gtk3", "p-cpe:/a:centos:centos:gtk3-devel", "p-cpe:/a:centos:centos:gtk3-immodule-xim", "p-cpe:/a:centos:centos:mutter", "p-cpe:/a:centos:centos:mutter-devel", "p-cpe:/a:centos:centos:vino"], "id": "CENTOS8_RHSA-2021-4381.NASL", "href": "https://www.tenable.com/plugins/nessus/155097", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:4381. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155097);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2020-13558\",\n \"CVE-2020-24870\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2020-36241\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1789\",\n \"CVE-2021-1799\",\n \"CVE-2021-1801\",\n \"CVE-2021-1844\",\n \"CVE-2021-1870\",\n \"CVE-2021-1871\",\n \"CVE-2021-21775\",\n \"CVE-2021-21779\",\n \"CVE-2021-21806\",\n \"CVE-2021-28650\",\n \"CVE-2021-30663\",\n \"CVE-2021-30665\",\n \"CVE-2021-30682\",\n \"CVE-2021-30689\",\n \"CVE-2021-30720\",\n \"CVE-2021-30734\",\n \"CVE-2021-30744\",\n \"CVE-2021-30749\",\n \"CVE-2021-30758\",\n \"CVE-2021-30795\",\n \"CVE-2021-30797\",\n \"CVE-2021-30799\"\n );\n script_xref(name:\"RHSA\", value:\"2021:4381\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0212-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0349-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"CentOS 8 : GNOME (CESA-2021:4381)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:4381 advisory.\n\n - webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution\n (CVE-2020-13558)\n\n - LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918, CVE-2021-1788,\n CVE-2021-30795)\n\n - webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623)\n\n - CVE-2021-28650 gnome-autoar: Directory traversal via directory symbolic links pointing outside of the\n destination directory (incomplete fix) (CVE-2020-36241)\n\n - webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765, CVE-2021-1801)\n\n - webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789)\n\n - webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799)\n\n - webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844)\n\n - webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870, CVE-2021-1871)\n\n - webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and\n possibly code execution (CVE-2021-21775)\n\n - webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code\n execution (CVE-2021-21779)\n\n - webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806)\n\n - gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination\n directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650)\n\n - webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665)\n\n - webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682)\n\n - webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689)\n\n - webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720)\n\n - webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734, CVE-2021-30749,\n CVE-2021-30799)\n\n - webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack\n (CVE-2021-30744)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758)\n\n - webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4381\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30799\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-1871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:accountsservice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:accountsservice-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:accountsservice-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-autoar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-calculator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-classic-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-control-center\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-control-center-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-online-accounts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-online-accounts-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-session-kiosk-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-session-wayland-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-session-xsession\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-apps-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-auto-move-windows\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-dash-to-dock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-disable-screenshield\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-drive-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-gesture-inhibitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-horizontal-workspaces\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-launch-new-instance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-native-window-placement\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-no-hot-corner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-panel-favorites\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-places-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-screenshot-window-sizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-systemMonitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-top-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-updates-dialog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-user-theme\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-window-grouper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-window-list\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-windowsNavigator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-shell-extension-workspace-indicator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-software\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-software-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gsettings-desktop-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gsettings-desktop-schemas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gtk-update-icon-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gtk3-immodule-xim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mutter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mutter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:vino\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'accountsservice-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-0.2.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-0.2.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-3.28.2-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-3.28.2-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-classic-session-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-classic-session-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-3.28.2-28.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-3.28.2-28.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-filesystem-3.28.2-28.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-filesystem-3.28.2-28.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-3.28.2-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-3.28.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-devel-3.28.2-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-devel-3.28.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-3.28.1-13.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-kiosk-session-3.28.1-13.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-kiosk-session-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-wayland-session-3.28.1-13.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-wayland-session-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-xsession-3.28.1-13.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-xsession-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-16.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-16.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-3.32.2-40.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-3.32.2-40.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-apps-menu-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-apps-menu-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-auto-move-windows-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-auto-move-windows-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-common-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-common-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-dash-to-dock-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-dash-to-dock-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-desktop-icons-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-desktop-icons-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-disable-screenshield-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-disable-screenshield-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-drive-menu-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-drive-menu-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-gesture-inhibitor-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-gesture-inhibitor-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-horizontal-workspaces-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-horizontal-workspaces-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-launch-new-instance-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-launch-new-instance-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-native-window-placement-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-native-window-placement-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-no-hot-corner-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-no-hot-corner-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-panel-favorites-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-panel-favorites-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-places-menu-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-places-menu-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-screenshot-window-sizer-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-screenshot-window-sizer-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-systemMonitor-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-systemMonitor-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-top-icons-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-top-icons-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-updates-dialog-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-updates-dialog-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-user-theme-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-user-theme-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-grouper-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-grouper-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-list-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-list-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-windowsNavigator-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-windowsNavigator-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-workspace-indicator-3.32.1-20.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-workspace-indicator-3.32.1-20.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.36.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.36.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-devel-3.36.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-devel-3.36.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-60.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-60.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-60.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-60.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-3.22.0-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-3.22.0-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-devel / accountsservice / accountsservice-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:58:51", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4381 advisory.\n\n - webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558)\n\n - LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918, CVE-2021-1788, CVE-2021-30795)\n\n - webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623)\n\n - CVE-2021-28650 gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete fix) (CVE-2020-36241)\n\n - webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765, CVE-2021-1801)\n\n - webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789)\n\n - webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799)\n\n - webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844)\n\n - webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870, CVE-2021-1871)\n\n - webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775)\n\n - webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779)\n\n - webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806)\n\n - gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650)\n\n - webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665)\n\n - webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682)\n\n - webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689)\n\n - webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720)\n\n - webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734, CVE-2021-30749, CVE-2021-30799)\n\n - webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758)\n\n - webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "RHEL 8 : GNOME (RHSA-2021:4381)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13558", "CVE-2020-24870", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-36241", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-28650", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:libraw", "p-cpe:/a:redhat:enterprise_linux:libraw-devel", "p-cpe:/a:redhat:enterprise_linux:gnome-autoar", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-devel", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc-devel"], "id": "REDHAT-RHSA-2021-4381.NASL", "href": "https://www.tenable.com/plugins/nessus/155153", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4381. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155153);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2020-13558\",\n \"CVE-2020-24870\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2020-36241\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1789\",\n \"CVE-2021-1799\",\n \"CVE-2021-1801\",\n \"CVE-2021-1844\",\n \"CVE-2021-1870\",\n \"CVE-2021-1871\",\n \"CVE-2021-21775\",\n \"CVE-2021-21779\",\n \"CVE-2021-21806\",\n \"CVE-2021-28650\",\n \"CVE-2021-30663\",\n \"CVE-2021-30665\",\n \"CVE-2021-30682\",\n \"CVE-2021-30689\",\n \"CVE-2021-30720\",\n \"CVE-2021-30734\",\n \"CVE-2021-30744\",\n \"CVE-2021-30749\",\n \"CVE-2021-30758\",\n \"CVE-2021-30795\",\n \"CVE-2021-30797\",\n \"CVE-2021-30799\"\n );\n script_xref(name:\"RHSA\", value:\"2021:4381\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"IAVA\", value:\"2021-A-0212-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0349-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n\n script_name(english:\"RHEL 8 : GNOME (RHSA-2021:4381)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:4381 advisory.\n\n - webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution\n (CVE-2020-13558)\n\n - LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918, CVE-2021-1788,\n CVE-2021-30795)\n\n - webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623)\n\n - CVE-2021-28650 gnome-autoar: Directory traversal via directory symbolic links pointing outside of the\n destination directory (incomplete fix) (CVE-2020-36241)\n\n - webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765, CVE-2021-1801)\n\n - webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789)\n\n - webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799)\n\n - webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844)\n\n - webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870, CVE-2021-1871)\n\n - webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and\n possibly code execution (CVE-2021-21775)\n\n - webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code\n execution (CVE-2021-21779)\n\n - webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806)\n\n - gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination\n directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650)\n\n - webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665)\n\n - webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682)\n\n - webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689)\n\n - webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720)\n\n - webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734, CVE-2021-30749,\n CVE-2021-30799)\n\n - webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack\n (CVE-2021-30744)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758)\n\n - webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-13558\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-24870\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-36241\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1789\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1801\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1870\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21775\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21779\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-21806\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-28650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30744\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30749\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30758\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30795\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1925640\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928794\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1940026\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944329\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944337\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944350\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944859\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1944867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1980441\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986863\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986874\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986883\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986892\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986906\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30799\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-1871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 22, 79, 119, 120, 190, 200, 416, 459, 843, 863);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnome-autoar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'gnome-autoar-0.2.3-2.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'sp':'6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'sp':'6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'sp':'6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'sp':'6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.32.3-2.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.32.3-2.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.32.3-2.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.32.3-2.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'gnome-autoar-0.2.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.32.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.32.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.32.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.32.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-devel / gnome-autoar / webkit2gtk3 / webkit2gtk3-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:57:21", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4381 advisory.\n\n - A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. (CVE-2020-13558)\n\n - Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.\n (CVE-2020-24870)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-1799)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1801)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30689)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location. (CVE-2020-36241)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. (CVE-2021-21775)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1870, CVE-2021-1871)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplete fix for CVE-2020-36241. (CVE-2021-28650)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1789)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30665)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30758)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-17T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : GNOME (ELSA-2021-4381)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13558", "CVE-2020-24870", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-36241", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-28650", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:libraw", "p-cpe:/a:oracle:linux:libraw-devel", "p-cpe:/a:oracle:linux:accountsservice", "p-cpe:/a:oracle:linux:accountsservice-devel", "p-cpe:/a:oracle:linux:accountsservice-libs", "p-cpe:/a:oracle:linux:gdm", "p-cpe:/a:oracle:linux:gnome-autoar", "p-cpe:/a:oracle:linux:gnome-calculator", "p-cpe:/a:oracle:linux:gnome-classic-session", "p-cpe:/a:oracle:linux:gnome-control-center", "p-cpe:/a:oracle:linux:gnome-control-center-filesystem", "p-cpe:/a:oracle:linux:gnome-online-accounts", "p-cpe:/a:oracle:linux:gnome-online-accounts-devel", "p-cpe:/a:oracle:linux:gnome-session", "p-cpe:/a:oracle:linux:gnome-session-kiosk-session", "p-cpe:/a:oracle:linux:gnome-session-wayland-session", "p-cpe:/a:oracle:linux:gnome-session-xsession", "p-cpe:/a:oracle:linux:gnome-settings-daemon", "p-cpe:/a:oracle:linux:gnome-shell", "p-cpe:/a:oracle:linux:gnome-shell-extension-apps-menu", "p-cpe:/a:oracle:linux:gnome-shell-extension-auto-move-windows", "p-cpe:/a:oracle:linux:gnome-shell-extension-common", "p-cpe:/a:oracle:linux:gnome-shell-extension-dash-to-dock", "p-cpe:/a:oracle:linux:gnome-shell-extension-desktop-icons", "p-cpe:/a:oracle:linux:gnome-shell-extension-disable-screenshield", "p-cpe:/a:oracle:linux:gnome-shell-extension-drive-menu", "p-cpe:/a:oracle:linux:gnome-shell-extension-gesture-inhibitor", "p-cpe:/a:oracle:linux:gnome-shell-extension-horizontal-workspaces", "p-cpe:/a:oracle:linux:gnome-shell-extension-launch-new-instance", "p-cpe:/a:oracle:linux:gnome-shell-extension-native-window-placement", "p-cpe:/a:oracle:linux:gnome-shell-extension-no-hot-corner", "p-cpe:/a:oracle:linux:gnome-shell-extension-panel-favorites", "p-cpe:/a:oracle:linux:gnome-shell-extension-places-menu", "p-cpe:/a:oracle:linux:gnome-shell-extension-screenshot-window-sizer", "p-cpe:/a:oracle:linux:gnome-shell-extension-systemmonitor", "p-cpe:/a:oracle:linux:gnome-shell-extension-top-icons", "p-cpe:/a:oracle:linux:gnome-shell-extension-updates-dialog", "p-cpe:/a:oracle:linux:gnome-shell-extension-user-theme", "p-cpe:/a:oracle:linux:gnome-shell-extension-window-grouper", "p-cpe:/a:oracle:linux:gnome-shell-extension-window-list", "p-cpe:/a:oracle:linux:gnome-shell-extension-windowsnavigator", "p-cpe:/a:oracle:linux:gnome-shell-extension-workspace-indicator", "p-cpe:/a:oracle:linux:gnome-software", "p-cpe:/a:oracle:linux:gnome-software-devel", "p-cpe:/a:oracle:linux:gsettings-desktop-schemas", "p-cpe:/a:oracle:linux:gsettings-desktop-schemas-devel", "p-cpe:/a:oracle:linux:gtk-update-icon-cache", "p-cpe:/a:oracle:linux:gtk3", "p-cpe:/a:oracle:linux:gtk3-devel", "p-cpe:/a:oracle:linux:gtk3-immodule-xim", "p-cpe:/a:oracle:linux:mutter", "p-cpe:/a:oracle:linux:mutter-devel", "p-cpe:/a:oracle:linux:vino", "p-cpe:/a:oracle:linux:webkit2gtk3", "p-cpe:/a:oracle:linux:webkit2gtk3-devel", "p-cpe:/a:oracle:linux:webkit2gtk3-jsc", "p-cpe:/a:oracle:linux:webkit2gtk3-jsc-devel"], "id": "ORACLELINUX_ELSA-2021-4381.NASL", "href": "https://www.tenable.com/plugins/nessus/155421", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-4381.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155421);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2020-13558\",\n \"CVE-2020-24870\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2020-36241\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1789\",\n \"CVE-2021-1799\",\n \"CVE-2021-1801\",\n \"CVE-2021-1844\",\n \"CVE-2021-1870\",\n \"CVE-2021-1871\",\n \"CVE-2021-21775\",\n \"CVE-2021-21779\",\n \"CVE-2021-21806\",\n \"CVE-2021-28650\",\n \"CVE-2021-30663\",\n \"CVE-2021-30665\",\n \"CVE-2021-30682\",\n \"CVE-2021-30689\",\n \"CVE-2021-30720\",\n \"CVE-2021-30734\",\n \"CVE-2021-30744\",\n \"CVE-2021-30749\",\n \"CVE-2021-30758\",\n \"CVE-2021-30795\",\n \"CVE-2021-30797\",\n \"CVE-2021-30799\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0212-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0349-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"Oracle Linux 8 : GNOME (ELSA-2021-4381)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2021-4381 advisory.\n\n - A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit\n WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. (CVE-2020-13558)\n\n - Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.\n (CVE-2020-24870)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big\n Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS\n 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on\n arbitrary servers. (CVE-2021-1799)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4\n and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1801)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content\n may lead to universal cross site scripting. (CVE-2021-30689)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big\n Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other\n software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent\n is a symlink to a directory outside of the intended extraction location. (CVE-2020-36241)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7,\n Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of\n Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further\n memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a\n malicious webpage. (CVE-2021-21775)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1870, CVE-2021-1871)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in\n WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory\n corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially\n crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim\n needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other\n software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent\n is a symlink in certain complex situations. NOTE: this issue exists because of an incomplete fix for\n CVE-2020-36241. (CVE-2021-28650)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1789)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security\n origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4,\n watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and\n iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS\n 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30665)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access\n restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari\n 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to\n arbitrary code execution. (CVE-2021-30758)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-4381.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30799\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-1871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:accountsservice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:accountsservice-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:accountsservice-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-autoar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-calculator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-classic-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-control-center\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-control-center-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-online-accounts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-online-accounts-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-session-kiosk-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-session-wayland-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-session-xsession\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-apps-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-auto-move-windows\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-dash-to-dock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-disable-screenshield\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-drive-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-gesture-inhibitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-horizontal-workspaces\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-launch-new-instance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-native-window-placement\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-no-hot-corner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-panel-favorites\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-places-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-screenshot-window-sizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-systemMonitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-top-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-updates-dialog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-user-theme\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-window-grouper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-window-list\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-windowsNavigator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-workspace-indicator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-software\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-software-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gsettings-desktop-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gsettings-desktop-schemas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk-update-icon-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk3-immodule-xim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mutter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mutter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vino\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'accountsservice-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.55-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.55-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-40.0-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'gdm-40.0-15.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'gdm-40.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'gnome-autoar-0.2.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-0.2.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-0.2.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-3.28.2-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-3.28.2-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-classic-session-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-3.28.2-28.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-3.28.2-28.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-filesystem-3.28.2-28.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-3.28.2-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-3.28.2-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-3.28.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-devel-3.28.2-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-devel-3.28.2-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-devel-3.28.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-3.28.1-13.0.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-3.28.1-13.0.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-kiosk-session-3.28.1-13.0.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-kiosk-session-3.28.1-13.0.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-wayland-session-3.28.1-13.0.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-wayland-session-3.28.1-13.0.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-xsession-3.28.1-13.0.1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-xsession-3.28.1-13.0.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-16.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-16.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-3.32.2-40.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-3.32.2-40.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-apps-menu-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-auto-move-windows-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-common-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-dash-to-dock-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-desktop-icons-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-disable-screenshield-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-drive-menu-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-gesture-inhibitor-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-horizontal-workspaces-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-launch-new-instance-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-native-window-placement-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-no-hot-corner-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-panel-favorites-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-places-menu-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-screenshot-window-sizer-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-systemMonitor-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-top-icons-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-updates-dialog-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-user-theme-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-grouper-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-list-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-windowsNavigator-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-workspace-indicator-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.36.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.36.1-10.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.36.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-devel-3.36.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-devel-3.36.1-10.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-devel-3.36.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-8.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-60.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-60.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-60.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-60.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-60.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-60.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-3.22.0-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-3.22.0-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.32.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-devel / accountsservice / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-18T15:51:49", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4381 advisory.\n\n - A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. (CVE-2020-13558)\n\n - Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.\n (CVE-2020-24870)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location. (CVE-2020-36241)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1789)\n\n - A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-1799)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1801)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1870, CVE-2021-1871)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations. NOTE: this issue exists because of an incomplete fix for CVE-2020-36241. (CVE-2021-28650)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30665)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30758)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : GNOME (ALSA-2021:4381)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-13558", "CVE-2020-24870", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-36241", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-28650", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:alma:linux:libraw", "p-cpe:/a:alma:linux:libraw-devel", "p-cpe:/a:alma:linux:accountsservice", "p-cpe:/a:alma:linux:accountsservice-devel", "p-cpe:/a:alma:linux:accountsservice-libs", "p-cpe:/a:alma:linux:gdm", "p-cpe:/a:alma:linux:gnome-autoar", "p-cpe:/a:alma:linux:gnome-calculator", "p-cpe:/a:alma:linux:gnome-classic-session", "p-cpe:/a:alma:linux:gnome-control-center", "p-cpe:/a:alma:linux:gnome-control-center-filesystem", "p-cpe:/a:alma:linux:gnome-online-accounts", "p-cpe:/a:alma:linux:gnome-online-accounts-devel", "p-cpe:/a:alma:linux:gnome-session", "p-cpe:/a:alma:linux:gnome-session-kiosk-session", "p-cpe:/a:alma:linux:gnome-session-wayland-session", "p-cpe:/a:alma:linux:gnome-session-xsession", "p-cpe:/a:alma:linux:gnome-settings-daemon", "p-cpe:/a:alma:linux:gnome-shell", "p-cpe:/a:alma:linux:gnome-shell-extension-apps-menu", "p-cpe:/a:alma:linux:gnome-shell-extension-auto-move-windows", "p-cpe:/a:alma:linux:gnome-shell-extension-common", "p-cpe:/a:alma:linux:gnome-shell-extension-dash-to-dock", "p-cpe:/a:alma:linux:gnome-shell-extension-desktop-icons", "p-cpe:/a:alma:linux:gnome-shell-extension-disable-screenshield", "p-cpe:/a:alma:linux:gnome-shell-extension-drive-menu", "p-cpe:/a:alma:linux:gnome-shell-extension-gesture-inhibitor", "p-cpe:/a:alma:linux:gnome-shell-extension-horizontal-workspaces", "p-cpe:/a:alma:linux:gnome-shell-extension-launch-new-instance", "p-cpe:/a:alma:linux:gnome-shell-extension-native-window-placement", "p-cpe:/a:alma:linux:gnome-shell-extension-no-hot-corner", "p-cpe:/a:alma:linux:gnome-shell-extension-panel-favorites", "p-cpe:/a:alma:linux:gnome-shell-extension-places-menu", "p-cpe:/a:alma:linux:gnome-shell-extension-screenshot-window-sizer", "p-cpe:/a:alma:linux:gnome-shell-extension-systemmonitor", "p-cpe:/a:alma:linux:gnome-shell-extension-top-icons", "p-cpe:/a:alma:linux:gnome-shell-extension-updates-dialog", "p-cpe:/a:alma:linux:gnome-shell-extension-user-theme", "p-cpe:/a:alma:linux:gnome-shell-extension-window-grouper", "p-cpe:/a:alma:linux:gnome-shell-extension-window-list", "p-cpe:/a:alma:linux:gnome-shell-extension-windowsnavigator", "p-cpe:/a:alma:linux:gnome-shell-extension-workspace-indicator", "p-cpe:/a:alma:linux:gnome-software", "p-cpe:/a:alma:linux:gnome-software-devel", "p-cpe:/a:alma:linux:gsettings-desktop-schemas", "p-cpe:/a:alma:linux:gsettings-desktop-schemas-devel", "p-cpe:/a:alma:linux:gtk-update-icon-cache", "p-cpe:/a:alma:linux:gtk3", "p-cpe:/a:alma:linux:gtk3-devel", "p-cpe:/a:alma:linux:gtk3-immodule-xim", "p-cpe:/a:alma:linux:mutter", "p-cpe:/a:alma:linux:mutter-devel", "p-cpe:/a:alma:linux:vino", "p-cpe:/a:alma:linux:webkit2gtk3", "p-cpe:/a:alma:linux:webkit2gtk3-devel", "p-cpe:/a:alma:linux:webkit2gtk3-jsc", "p-cpe:/a:alma:linux:webkit2gtk3-jsc-devel", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2021-4381.NASL", "href": "https://www.tenable.com/plugins/nessus/157596", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2021:4381.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157596);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2020-13558\",\n \"CVE-2020-24870\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2020-36241\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1789\",\n \"CVE-2021-1799\",\n \"CVE-2021-1801\",\n \"CVE-2021-1844\",\n \"CVE-2021-1870\",\n \"CVE-2021-1871\",\n \"CVE-2021-21775\",\n \"CVE-2021-21779\",\n \"CVE-2021-21806\",\n \"CVE-2021-28650\",\n \"CVE-2021-30663\",\n \"CVE-2021-30665\",\n \"CVE-2021-30682\",\n \"CVE-2021-30689\",\n \"CVE-2021-30720\",\n \"CVE-2021-30734\",\n \"CVE-2021-30744\",\n \"CVE-2021-30749\",\n \"CVE-2021-30758\",\n \"CVE-2021-30795\",\n \"CVE-2021-30797\",\n \"CVE-2021-30799\"\n );\n script_xref(name:\"ALSA\", value:\"2021:4381\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0212-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0349-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n\n script_name(english:\"AlmaLinux 8 : GNOME (ALSA-2021:4381)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2021:4381 advisory.\n\n - A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit\n WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. (CVE-2020-13558)\n\n - Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.\n (CVE-2020-24870)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other\n software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent\n is a symlink to a directory outside of the intended extraction location. (CVE-2020-36241)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1789)\n\n - A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big\n Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS\n 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on\n arbitrary servers. (CVE-2021-1799)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4\n and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1801)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1870, CVE-2021-1871)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of\n Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further\n memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a\n malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in\n WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory\n corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially\n crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim\n needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other\n software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent\n is a symlink in certain complex situations. NOTE: this issue exists because of an incomplete fix for\n CVE-2020-36241. (CVE-2021-28650)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and\n iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS\n 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30665)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content\n may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access\n restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security\n origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4,\n watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari\n 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to\n arbitrary code execution. (CVE-2021-30758)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7,\n Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big\n Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2021-4381.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30799\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-1871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:accountsservice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:accountsservice-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:accountsservice-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-autoar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-calculator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-classic-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-control-center\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-control-center-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-online-accounts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-online-accounts-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-session-kiosk-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-session-wayland-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-session-xsession\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-apps-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-auto-move-windows\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-dash-to-dock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-disable-screenshield\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-drive-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-gesture-inhibitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-horizontal-workspaces\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-launch-new-instance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-native-window-placement\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-no-hot-corner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-panel-favorites\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-places-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-screenshot-window-sizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-systemMonitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-top-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-updates-dialog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-user-theme\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-window-grouper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-window-list\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-windowsNavigator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-shell-extension-workspace-indicator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-software\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-software-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gsettings-desktop-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gsettings-desktop-schemas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk-update-icon-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk3-immodule-xim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mutter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mutter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vino\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'accountsservice-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-devel-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.55-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'accountsservice-libs-0.6.55-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdm-40.0-15.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'gdm-40.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'gnome-autoar-0.2.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-autoar-0.2.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-calculator-3.28.2-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-classic-session-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-3.28.2-28.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-control-center-filesystem-3.28.2-28.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-3.28.2-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-3.28.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-devel-3.28.2-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-online-accounts-devel-3.28.2-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-kiosk-session-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-wayland-session-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-xsession-3.28.1-13.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-16.el8.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-3.32.2-40.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-apps-menu-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-auto-move-windows-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-common-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-dash-to-dock-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-desktop-icons-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-disable-screenshield-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-drive-menu-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-gesture-inhibitor-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-horizontal-workspaces-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-launch-new-instance-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-native-window-placement-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-no-hot-corner-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-panel-favorites-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-places-menu-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-screenshot-window-sizer-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-systemMonitor-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-top-icons-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-updates-dialog-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-user-theme-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-grouper-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-window-list-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-windowsNavigator-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-shell-extension-workspace-indicator-3.32.1-20.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.36.1-10.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-3.36.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-devel-3.36.1-10.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-software-devel-3.36.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-8.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-60.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-3.32.2-60.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-60.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-60.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vino-3.22.0-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.32.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.32.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-devel / accountsservice / accountsservice-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:11:41", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0182-1 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop- portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-26T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : webkit2gtk3 (openSUSE-SU-2022:0182-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5226", "CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:opensuse:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit", "p-cpe:/a:novell:opensuse:webkit2gtk3-devel", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit", "p-cpe:/a:novell:opensuse:webkit-jsc-4", "p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang", "cpe:/o:novell:opensuse:15.3", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser"], "id": "OPENSUSE-2022-0182-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157093", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0182-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157093);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2019-8766\",\n \"CVE-2019-8782\",\n \"CVE-2019-8808\",\n \"CVE-2019-8815\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9947\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9952\",\n \"CVE-2020-13753\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-30661\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"openSUSE 15 Security Update : webkit2gtk3 (openSUSE-SU-2022:0182-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0182-1 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to\n CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-\n portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside\n the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0,\n iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194019\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FK6EK2KGH7KDPXCBN2Q3SSAVOCIXNCFX/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0eaac383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30897\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8815\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13753\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libjavascriptcoregtk-4_0-18-32bit-2.34.3-23.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwebkit2gtk-4_0-37-32bit-2.34.3-23.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit-jsc-4-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-minibrowser-2.34.3-23.3', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T15:39:16", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0182-2 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop- portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-18T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0182-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5226", "CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0182-2.NASL", "href": "https://www.tenable.com/plugins/nessus/158139", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0182-2. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158139);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2019-8766\",\n \"CVE-2019-8782\",\n \"CVE-2019-8808\",\n \"CVE-2019-8815\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9947\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9952\",\n \"CVE-2020-13753\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-30661\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0182-2\");\n\n script_name(english:\"SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0182-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:0182-2 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to\n CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-\n portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside\n the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0,\n iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30897\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010234.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f2507edb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8815\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13753\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:13:14", "description": "The remote SUSE Linux SLED15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0182-1 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop- portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-26T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0182-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5226", "CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0182-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157103", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0182-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157103);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2019-8766\",\n \"CVE-2019-8782\",\n \"CVE-2019-8808\",\n \"CVE-2019-8815\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9947\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9952\",\n \"CVE-2020-13753\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-30661\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0182-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0182-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:0182-1 advisory.\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to\n CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-\n portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside\n the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0,\n iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30897\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010070.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b94eaab2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8815\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13753\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-desktop-applications-release-15.3']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-23.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:12:19", "description": "The remote host is affected by the vulnerability described in GLSA-202202-01 (WebkitGTK+: Multiple vulnerabilities)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30665)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30758)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30934)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30936, CVE-2021-30951)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30952)\n\n - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30953)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30954)\n\n - A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30984)\n\n - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVE-2021-42762)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. (CVE-2021-45482)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-01T00:00:00", "type": "nessus", "title": "GLSA-202202-01 : WebkitGTK+: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-30661", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897", "CVE-2021-30934", "CVE-2021-30936", "CVE-2021-30951", "CVE-2021-30952", "CVE-2021-30953", "CVE-2021-30954", "CVE-2021-30984", "CVE-2021-41133", "CVE-2021-42762", "CVE-2021-45482"], "modified": "2022-02-03T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:webkit-gtk", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202202-01.NASL", "href": "https://www.tenable.com/plugins/nessus/157266", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202202-01.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157266);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/03\");\n\n script_cve_id(\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-21775\",\n \"CVE-2021-21779\",\n \"CVE-2021-21806\",\n \"CVE-2021-30661\",\n \"CVE-2021-30663\",\n \"CVE-2021-30665\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30689\",\n \"CVE-2021-30720\",\n \"CVE-2021-30734\",\n \"CVE-2021-30744\",\n \"CVE-2021-30749\",\n \"CVE-2021-30758\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30795\",\n \"CVE-2021-30797\",\n \"CVE-2021-30799\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\",\n \"CVE-2021-30934\",\n \"CVE-2021-30936\",\n \"CVE-2021-30951\",\n \"CVE-2021-30952\",\n \"CVE-2021-30953\",\n \"CVE-2021-30954\",\n \"CVE-2021-30984\",\n \"CVE-2021-42762\",\n \"CVE-2021-45482\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0212-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0349-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0577-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"GLSA-202202-01 : WebkitGTK+: Multiple vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202202-01 (WebkitGTK+: Multiple vulnerabilities)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of\n Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further\n memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a\n malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in\n WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory\n corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially\n crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim\n needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and\n iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS\n 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30665)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content\n may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access\n restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security\n origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4,\n watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari\n 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to\n arbitrary code execution. (CVE-2021-30758)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7,\n Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big\n Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30934)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30936, CVE-2021-30951)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30952)\n\n - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30953)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30954)\n\n - A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30984)\n\n - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that\n allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by\n the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to\n host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process\n remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVE-2021-42762)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different\n vulnerability than CVE-2021-30889. (CVE-2021-45482)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202202-01\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=779175\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=801400\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=813489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=819522\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=820434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=829723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=831739\");\n script_set_attribute(attribute:\"solution\", value:\n\"All WebkitGTK+ users should upgrade to the latest version:\n\n\t\t\t# emerge --sync\n\t\t\t# emerge --ask --oneshot --verbose >=net-libs/webkit-gtk-2.34.4\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30954\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:webkit-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : \"net-libs/webkit-gtk\",\n 'unaffected' : make_list(\"ge 2.34.4\"),\n 'vulnerable' : make_list(\"lt 2.34.4\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"WebkitGTK+\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:11:40", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0183-1 advisory.\n\n - An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka Microsoft SharePoint Elevation of Privilege Vulnerability. This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480, CVE-2018-8488, CVE-2018-8498. (CVE-2018-8518)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop- portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-26T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0183-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5226", "CVE-2018-8480", "CVE-2018-8488", "CVE-2018-8498", "CVE-2018-8518", "CVE-2018-8523", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-10018", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0183-1.NASL", "href": "https://www.tenable.com/plugins/nessus/157109", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0183-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157109);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2018-8518\",\n \"CVE-2018-8523\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8782\",\n \"CVE-2019-8808\",\n \"CVE-2019-8815\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9947\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9952\",\n \"CVE-2020-10018\",\n \"CVE-2020-13753\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-30661\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2018-A-0329-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0373-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0183-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:0183-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:0183-1 advisory.\n\n - An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize\n a specially crafted web request to an affected SharePoint server, aka Microsoft SharePoint Elevation of\n Privilege Vulnerability. This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480,\n CVE-2018-8488, CVE-2018-8498. (CVE-2018-8518)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history\n items. (CVE-2019-8768)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to\n CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-\n portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside\n the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0,\n iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8768\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30897\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010071.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?505f53d0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3897\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13753\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP0/1\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'0', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'1', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.1']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1', 'sles-release-15.1']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'webkit2gtk3-devel-2.34.3-3.92.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:11:43", "description": "The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0142-1 advisory.\n\n - An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka Microsoft SharePoint Elevation of Privilege Vulnerability. This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480, CVE-2018-8488, CVE-2018-8498. (CVE-2018-8518)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8558, CVE-2019-8559, CVE-2019-8563)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8681, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8684, CVE-2019-8688, CVE-2019-8689)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726, CVE-2019-8733)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8719)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8765)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815, CVE-2019-8821, CVE-2019-8822)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop- portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-21T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2022:0142-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5226", "CVE-2018-8480", "CVE-2018-8488", "CVE-2018-8498", "CVE-2018-8518", "CVE-2018-8523", "CVE-2019-8551", "CVE-2019-8558", "CVE-2019-8559", "CVE-2019-8563", "CVE-2019-8674", "CVE-2019-8681", "CVE-2019-8684", "CVE-2019-8687", "CVE-2019-8688", "CVE-2019-8689", "CVE-2019-8690", "CVE-2019-8707", "CVE-2019-8719", "CVE-2019-8726", "CVE-2019-8733", "CVE-2019-8763", "CVE-2019-8765", "CVE-2019-8766", "CVE-2019-8768", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2019-8821", "CVE-2019-8822", "CVE-2020-10018", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2-4_0", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension-4_0", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles"], "id": "SUSE_SU-2022-0142-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156925", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0142-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156925);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2018-8518\",\n \"CVE-2018-8523\",\n \"CVE-2019-8551\",\n \"CVE-2019-8558\",\n \"CVE-2019-8559\",\n \"CVE-2019-8563\",\n \"CVE-2019-8674\",\n \"CVE-2019-8681\",\n \"CVE-2019-8684\",\n \"CVE-2019-8687\",\n \"CVE-2019-8688\",\n \"CVE-2019-8689\",\n \"CVE-2019-8690\",\n \"CVE-2019-8707\",\n \"CVE-2019-8719\",\n \"CVE-2019-8726\",\n \"CVE-2019-8733\",\n \"CVE-2019-8763\",\n \"CVE-2019-8765\",\n \"CVE-2019-8766\",\n \"CVE-2019-8768\",\n \"CVE-2019-8782\",\n \"CVE-2019-8808\",\n \"CVE-2019-8815\",\n \"CVE-2019-8821\",\n \"CVE-2019-8822\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9947\",\n \"CVE-2020-9948\",\n \"CVE-2020-9951\",\n \"CVE-2020-9952\",\n \"CVE-2020-10018\",\n \"CVE-2020-13753\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1871\",\n \"CVE-2021-30661\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30823\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30858\",\n \"CVE-2021-30884\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30897\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0126-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0202-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0414-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0505-S\");\n script_xref(name:\"IAVA\", value:\"2018-A-0329-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0373-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0437-S\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0142-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2022:0142-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:0142-1 advisory.\n\n - An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize\n a specially crafted web request to an affected SharePoint server, aka Microsoft SharePoint Elevation of\n Privilege Vulnerability. This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8480,\n CVE-2018-8488, CVE-2018-8498. (CVE-2018-8518)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari\n 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may\n lead to universal cross site scripting. (CVE-2019-8551)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8558, CVE-2019-8559,\n CVE-2019-8563)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13.\n Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8674)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13,\n iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8681, CVE-2019-8687)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for\n Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8684, CVE-2019-8688, CVE-2019-8689)\n\n - A logic issue existed in the handling of document loads. This issue was addressed with improved state\n management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for\n Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8690)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8707, CVE-2019-8726,\n CVE-2019-8733)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8719)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud\n for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8763)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8765)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history\n items. (CVE-2019-8768)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8815, CVE-2019-8821, CVE-2019-8822)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to\n CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-\n portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside\n the sandbox by writing to the controlling terminal's input buffer, similar to CVE-2017-5226.\n (CVE-2020-13753)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0,\n iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9947)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1871)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be\n able to bypass HSTS. (CVE-2021-30823)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code\n execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2021-30858)\n\n - The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15,\n watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing\n history. (CVE-2021-30884)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - An issue existed in the specification for the resource timing API. The specification was updated and the\n updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website\n may exfiltrate data cross-origin. (CVE-2021-30897)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.suse.com/pipermail/sle-updates/2022-January/021411.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-8523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8551\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8558\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8559\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8687\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8688\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8690\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8763\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8768\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-13753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-29623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1825\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1826\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-1871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30818\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30849\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30851\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30887\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30890\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30897\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3897\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-13753\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP3/4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'3', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'4', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'webkit2gtk3-devel-2.34.3-2.82.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'webkit2gtk3-devel-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'2', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'webkit2gtk3-devel-2.34.3-2.82.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.2']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libjavascriptcoregtk-4_0-18-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libwebkit2gtk-4_0-37-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'libwebkit2gtk3-lang-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'typelib-1_0-WebKit2-4_0-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:29:21", "description": "The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.4 Big Sur. It is, therefore, affected by multiple vulnerabilities including the following:\n\n - A remote attacker may be able to cause unexpected application termination or arbitrary code execution.\n (CVE-2021-30712)\n\n - A remote attacker may be able to cause unexpected application termination or arbitrary code execution.\n (CVE-2021-30678)\n\n - An application may be able to execute arbitrary code with kernel privileges. (CVE-2021-30704)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {}, "published": "2021-05-26T00:00:00", "type": "nessus", "title": "macOS 11.x < 11.4 (HT212529)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-36221", "CVE-2020-36222", "CVE-2020-36223", "CVE-2020-36224", "CVE-2020-36225", "CVE-2020-36226", "CVE-2020-36227", "CVE-2020-36228", "CVE-2020-36229", "CVE-2020-36230", "CVE-2021-21779", "CVE-2021-23841", "CVE-2021-30668", "CVE-2021-30669", "CVE-2021-30671", "CVE-2021-30673", "CVE-2021-30676", "CVE-2021-30677", "CVE-2021-30678", "CVE-2021-30679", "CVE-2021-30680", "CVE-2021-30681", "CVE-2021-30682", "CVE-2021-30683", "CVE-2021-30684", "CVE-2021-30685", "CVE-2021-30686", "CVE-2021-30687", "CVE-2021-30688", "CVE-2021-30689", "CVE-2021-30691", "CVE-2021-30692", "CVE-2021-30693", "CVE-2021-30694", "CVE-2021-30695", "CVE-2021-30696", "CVE-2021-30697", "CVE-2021-30698", "CVE-2021-30700", "CVE-2021-30701", "CVE-2021-30702", "CVE-2021-30704", "CVE-2021-30705", "CVE-2021-30707", "CVE-2021-30708", "CVE-2021-30709", "CVE-2021-30710", "CVE-2021-30712", "CVE-2021-30713", "CVE-2021-30715", "CVE-2021-30716", "CVE-2021-30717", "CVE-2021-30718", "CVE-2021-30719", "CVE-2021-30720", "CVE-2021-30721", "CVE-2021-30722", "CVE-2021-30723", "CVE-2021-30724", "CVE-2021-30725", "CVE-2021-30726", "CVE-2021-30727", "CVE-2021-30728", "CVE-2021-30734", "CVE-2021-30735", "CVE-2021-30736", "CVE-2021-30737", "CVE-2021-30738", "CVE-2021-30739", "CVE-2021-30740", "CVE-2021-30744", "CVE-2021-30746", "CVE-2021-30749"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT212529.NASL", "href": "https://www.tenable.com/plugins/nessus/149986", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149986);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2020-36221\",\n \"CVE-2020-36222\",\n \"CVE-2020-36223\",\n \"CVE-2020-36224\",\n \"CVE-2020-36225\",\n \"CVE-2020-36226\",\n \"CVE-2020-36227\",\n \"CVE-2020-36228\",\n \"CVE-2020-36229\",\n \"CVE-2020-36230\",\n \"CVE-2021-21779\",\n \"CVE-2021-23841\",\n \"CVE-2021-30668\",\n \"CVE-2021-30669\",\n \"CVE-2021-30671\",\n \"CVE-2021-30673\",\n \"CVE-2021-30676\",\n \"CVE-2021-30677\",\n \"CVE-2021-30678\",\n \"CVE-2021-30679\",\n \"CVE-2021-30680\",\n \"CVE-2021-30681\",\n \"CVE-2021-30682\",\n \"CVE-2021-30683\",\n \"CVE-2021-30684\",\n \"CVE-2021-30685\",\n \"CVE-2021-30686\",\n \"CVE-2021-30687\",\n \"CVE-2021-30688\",\n \"CVE-2021-30689\",\n \"CVE-2021-30691\",\n \"CVE-2021-30692\",\n \"CVE-2021-30693\",\n \"CVE-2021-30694\",\n \"CVE-2021-30695\",\n \"CVE-2021-30696\",\n \"CVE-2021-30697\",\n \"CVE-2021-30698\",\n \"CVE-2021-30700\",\n \"CVE-2021-30701\",\n \"CVE-2021-30702\",\n \"CVE-2021-30704\",\n \"CVE-2021-30705\",\n \"CVE-2021-30707\",\n \"CVE-2021-30708\",\n \"CVE-2021-30709\",\n \"CVE-2021-30710\",\n \"CVE-2021-30712\",\n \"CVE-2021-30713\",\n \"CVE-2021-30715\",\n \"CVE-2021-30716\",\n \"CVE-2021-30717\",\n \"CVE-2021-30718\",\n \"CVE-2021-30719\",\n \"CVE-2021-30720\",\n \"CVE-2021-30721\",\n \"CVE-2021-30722\",\n \"CVE-2021-30723\",\n \"CVE-2021-30724\",\n \"CVE-2021-30725\",\n \"CVE-2021-30726\",\n \"CVE-2021-30727\",\n \"CVE-2021-30728\",\n \"CVE-2021-30734\",\n \"CVE-2021-30735\",\n \"CVE-2021-30736\",\n \"CVE-2021-30737\",\n \"CVE-2021-30738\",\n \"CVE-2021-30739\",\n \"CVE-2021-30740\",\n \"CVE-2021-30744\",\n \"CVE-2021-30746\",\n \"CVE-2021-30749\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT212529\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2021-05-25-2\");\n script_xref(name:\"IAVA\", value:\"2021-A-0251-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0349-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"macOS 11.x < 11.4 (HT212529)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.4 Big Sur. It is, therefore,\naffected by multiple vulnerabilities including the following:\n\n - A remote attacker may be able to cause unexpected application termination or arbitrary code execution.\n (CVE-2021-30712)\n\n - A remote attacker may be able to cause unexpected application termination or arbitrary code execution.\n (CVE-2021-30678)\n\n - An application may be able to execute arbitrary code with kernel privileges. (CVE-2021-30704)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT212529\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 11.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30740\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-30678\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/local_checks_enabled\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras_apple.inc');\n\nvar app_info = vcf::apple::macos::get_app_info();\nvar constraints = [{ 'min_version' : '11.0', 'fixed_version' : '11.4', 'fixed_display' : 'macOS Big Sur 11.4' }];\n\nvcf::apple::macos::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-18T13:11:09", "description": "The version of webkitgtk4 installed on the remote host is prior to 2.38.5-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2088 advisory.\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1789)\n\n - A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-1799)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1801)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1870)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30665)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30758)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30934)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30936, CVE-2021-30951)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30952)\n\n - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30953)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30954)\n\n - A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30984)\n\n - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVE-2021-42762)\n\n - In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889. (CVE-2021-45481)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. (CVE-2021-45482)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. (CVE-2021-45483)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-22590)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2022-22592)\n\n - A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-22662)\n\n - A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call. (CVE-2022-22677)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution. (CVE-2022-26700)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26709)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26710)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26716, CVE-2022-26719)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26717)\n\n - In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.\n (CVE-2022-30293)\n\n - An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32792)\n\n - Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. (CVE-2022-32793)\n\n - The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing. (CVE-2022-32816)\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32888)\n\n - A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app. (CVE-2022-32923)\n\n - The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. (CVE-2022-42799)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-42824)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42826)\n\n - The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2022-42852)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.. (CVE-2022-42856)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42863, CVE-2022-46699)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42867)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46691)\n\n - A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy. (CVE-2022-46692)\n\n - A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-46698)\n\n - A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46700)\n\n - A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. (CVE-2023-2203)\n\n - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2023-23517, CVE-2023-23518)\n\n - A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..\n (CVE-2023-23529)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25358)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25360)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25361)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25362)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25363)\n\n - This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy (CVE-2023-27932)\n\n - The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be able to track sensitive user information (CVE-2023-27954)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3.1, iOS 16.4.1 and iPadOS 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2023-28205)\n\n - An out-of-bounds read was addressed with improved input validation. (CVE-2023-28204)\n\n - A use-after-free issue was addressed with improved memory management. (CVE-2023-32373)\n\n - The issue was addressed with improved bounds checks. (CVE-2023-32409)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-06-13T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : webkitgtk4 (ALAS-2023-2088)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-22592", "CVE-2020-27918", "CVE-2020-29623", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-30661", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30934", "CVE-2021-30936", "CVE-2021-30951", "CVE-2021-30952", "CVE-2021-30953", "CVE-2021-30954", "CVE-2021-30984", "CVE-2021-32912", "CVE-2021-41133", "CVE-2021-42762", "CVE-2021-45481", "CVE-2021-45482", "CVE-2021-45483", "CVE-2022-22590", "CVE-2022-22592", "CVE-2022-22662", "CVE-2022-22677", "CVE-2022-26700", "CVE-2022-26709", "CVE-2022-26710", "CVE-2022-26716", "CVE-2022-26717", "CVE-2022-26719", "CVE-2022-30293", "CVE-2022-32792", "CVE-2022-32793", "CVE-2022-32816", "CVE-2022-32885", "CVE-2022-32888", "CVE-2022-32923", "CVE-2022-42799", "CVE-2022-42824", "CVE-2022-42826", "CVE-2022-42852", "CVE-2022-42856", "CVE-2022-42863", "CVE-2022-42867", "CVE-2022-46691", "CVE-2022-46692", "CVE-2022-46698", "CVE-2022-46699", "CVE-2022-46700", "CVE-2023-2203", "CVE-2023-23517", "CVE-2023-23518", "CVE-2023-23529", "CVE-2023-25358", "CVE-2023-25360", "CVE-2023-25361", "CVE-2023-25362", "CVE-2023-25363", "CVE-2023-27932", "CVE-2023-27954", "CVE-2023-28204", "CVE-2023-28205", "CVE-2023-32373", "CVE-2023-32409"], "modified": "2023-06-14T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:webkitgtk4", "p-cpe:/a:amazon:linux:webkitgtk4-debuginfo", "p-cpe:/a:amazon:linux:webkitgtk4-devel", "p-cpe:/a:amazon:linux:webkitgtk4-jsc", "p-cpe:/a:amazon:linux:webkitgtk4-jsc-devel", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2023-2088.NASL", "href": "https://www.tenable.com/plugins/nessus/177194", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2023-2088.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(177194);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/14\");\n\n script_cve_id(\n \"CVE-2020-22592\",\n \"CVE-2020-27918\",\n \"CVE-2020-29623\",\n \"CVE-2021-1765\",\n \"CVE-2021-1788\",\n \"CVE-2021-1789\",\n \"CVE-2021-1799\",\n \"CVE-2021-1801\",\n \"CVE-2021-1817\",\n \"CVE-2021-1820\",\n \"CVE-2021-1825\",\n \"CVE-2021-1826\",\n \"CVE-2021-1844\",\n \"CVE-2021-1870\",\n \"CVE-2021-21775\",\n \"CVE-2021-21779\",\n \"CVE-2021-21806\",\n \"CVE-2021-30661\",\n \"CVE-2021-30663\",\n \"CVE-2021-30665\",\n \"CVE-2021-30666\",\n \"CVE-2021-30682\",\n \"CVE-2021-30689\",\n \"CVE-2021-30720\",\n \"CVE-2021-30734\",\n \"CVE-2021-30744\",\n \"CVE-2021-30749\",\n \"CVE-2021-30758\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\",\n \"CVE-2021-30795\",\n \"CVE-2021-30797\",\n \"CVE-2021-30799\",\n \"CVE-2021-30809\",\n \"CVE-2021-30818\",\n \"CVE-2021-30836\",\n \"CVE-2021-30846\",\n \"CVE-2021-30848\",\n \"CVE-2021-30849\",\n \"CVE-2021-30851\",\n \"CVE-2021-30887\",\n \"CVE-2021-30888\",\n \"CVE-2021-30889\",\n \"CVE-2021-30890\",\n \"CVE-2021-30934\",\n \"CVE-2021-30936\",\n \"CVE-2021-30951\",\n \"CVE-2021-30952\",\n \"CVE-2021-30953\",\n \"CVE-2021-30954\",\n \"CVE-2021-30984\",\n \"CVE-2021-32912\",\n \"CVE-2021-42762\",\n \"CVE-2021-45481\",\n \"CVE-2021-45482\",\n \"CVE-2021-45483\",\n \"CVE-2022-22590\",\n \"CVE-2022-22592\",\n \"CVE-2022-22662\",\n \"CVE-2022-22677\",\n \"CVE-2022-26700\",\n \"CVE-2022-26709\",\n \"CVE-2022-26710\",\n \"CVE-2022-26716\",\n \"CVE-2022-26717\",\n \"CVE-2022-26719\",\n \"CVE-2022-30293\",\n \"CVE-2022-32792\",\n \"CVE-2022-32793\",\n \"CVE-2022-32816\",\n \"CVE-2022-32885\",\n \"CVE-2022-32888\",\n \"CVE-2022-32923\",\n \"CVE-2022-42799\",\n \"CVE-2022-42824\",\n \"CVE-2022-42826\",\n \"CVE-2022-42852\",\n \"CVE-2022-42856\",\n \"CVE-2022-42863\",\n \"CVE-2022-42867\",\n \"CVE-2022-46691\",\n \"CVE-2022-46692\",\n \"CVE-2022-46698\",\n \"CVE-2022-46699\",\n \"CVE-2022-46700\",\n \"CVE-2023-2203\",\n \"CVE-2023-23517\",\n \"CVE-2023-23518\",\n \"CVE-2023-23529\",\n \"CVE-2023-25358\",\n \"CVE-2023-25360\",\n \"CVE-2023-25361\",\n \"CVE-2023-25362\",\n \"CVE-2023-25363\",\n \"CVE-2023-27932\",\n \"CVE-2023-27954\",\n \"CVE-2023-28204\",\n \"CVE-2023-28205\",\n \"CVE-2023-32373\",\n \"CVE-2023-32409\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/25\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/01/04\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/03/07\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/05/01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/12\");\n\n script_name(english:\"Amazon Linux 2 : webkitgtk4 (ALAS-2023-2088)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of webkitgtk4 installed on the remote host is prior to 2.38.5-3. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2023-2088 advisory.\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes\n 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-27918)\n\n - Clear History and Website Data did not clear the history. The issue was addressed with improved data\n deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update\n 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing\n history. (CVE-2020-29623)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content\n may violate iframe sandboxing policy. (CVE-2021-1765)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1788)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4\n and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2021-1789)\n\n - A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big\n Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS\n 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on\n arbitrary servers. (CVE-2021-1799)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur\n 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4\n and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1801)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big\n Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-1817)\n\n - A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS\n Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content\n may result in the disclosure of process memory. (CVE-2021-1820)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iTunes\n 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS\n 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting\n attack. (CVE-2021-1825)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS\n 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-1826)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and\n iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2,\n Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote\n attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-1870)\n\n - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of\n Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further\n memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a\n malicious webpage. (CVE-2021-21775)\n\n - A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in\n WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory\n corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.\n (CVE-2021-21779)\n\n - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially\n crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim\n needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1,\n iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30661)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and\n iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30663)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS\n 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited.. (CVE-2021-30665)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak\n sensitive user information. (CVE-2021-30682)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content\n may lead to universal cross site scripting. (CVE-2021-30689)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and\n iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access\n restricted ports on arbitrary servers. (CVE-2021-30720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734, CVE-2021-30749)\n\n - Description: A cross-origin issue with iframe elements was addressed with improved tracking of security\n origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4,\n watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2021-30744)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari\n 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to\n arbitrary code execution. (CVE-2021-30758)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7,\n Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30795)\n\n - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big\n Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.\n (CVE-2021-30797)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2021-30809)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30818)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may\n disclose restricted memory. (CVE-2021-30836)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30846)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and\n iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30848)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\n - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15,\n tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code\n execution. (CVE-2021-30851)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS\n 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\n - An information leakage issue was addressed. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS\n Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, tvOS 15.1, watchOS 8.1. A malicious website using Content\n Security Policy reports may be able to leak information via redirect behavior . (CVE-2021-30888)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey\n 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2021-30889)\n\n - A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1,\n iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to\n universal cross site scripting. (CVE-2021-30890)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30934)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30936, CVE-2021-30951)\n\n - An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30952)\n\n - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30953)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2,\n macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2021-30954)\n\n - A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS\n Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2021-30984)\n\n - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that\n allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by\n the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to\n host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process\n remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVE-2021-42762)\n\n - In WebKitGTK before 2.32.4, there is incorrect memory allocation in\n WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application\n crash, a different vulnerability than CVE-2021-30889. (CVE-2021-45481)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different\n vulnerability than CVE-2021-30889. (CVE-2021-45482)\n\n - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability\n than CVE-2021-30889. (CVE-2021-45483)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and\n iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2022-22590)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS\n 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content\n may prevent Content Security Policy from being enforced. (CVE-2022-22592)\n\n - A cookie management issue was addressed with improved state management. This issue is fixed in Security\n Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose\n sensitive user information. (CVE-2022-22662)\n\n - A logic issue in the handling of concurrent media was addressed with improved state handling. This issue\n is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be\n interrupted if the user answers a phone call. (CVE-2022-22677)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5,\n watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted\n web content may lead to code execution. (CVE-2022-26700)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5,\n iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2022-26709)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and\n iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may\n lead to arbitrary code execution. (CVE-2022-26710)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5,\n iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2022-26716, CVE-2022-26719)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5,\n watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26717)\n\n - In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in\n WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.\n (CVE-2022-30293)\n\n - An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6\n and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2022-32792)\n\n - Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in\n macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose\n kernel memory. (CVE-2022-32793)\n\n - The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6\n and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI\n spoofing. (CVE-2022-32816)\n\n - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big\n Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32888)\n\n - A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS\n 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing\n maliciously crafted web content may disclose internal states of the app. (CVE-2022-32923)\n\n - The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13,\n watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface\n spoofing. (CVE-2022-42799)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS\n Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content\n may disclose sensitive user information. (CVE-2022-42824)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura\n 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2022-42826)\n\n - The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2,\n macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing\n maliciously crafted web content may result in the disclosure of process memory. (CVE-2022-42852)\n\n - A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2,\n tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted\n web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been\n actively exploited against versions of iOS released before iOS 15.1.. (CVE-2022-42856)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in Safari\n 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted\n web content may lead to arbitrary code execution. (CVE-2022-42863, CVE-2022-46699)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2,\n tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web\n content may lead to arbitrary code execution. (CVE-2022-42867)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari\n 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46691)\n\n - A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2,\n iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2,\n watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy. (CVE-2022-46692)\n\n - A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud\n for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously\n crafted web content may disclose sensitive user information. (CVE-2022-46698)\n\n - A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari\n 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46700)\n\n - A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free\n vulnerability. This flaw allows attackers with network access to pass specially crafted web content files,\n causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205\n security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux\n 9.2. (CVE-2023-2203)\n\n - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS\n Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2023-23517,\n CVE-2023-23518)\n\n - A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1,\n iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to\n arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..\n (CVE-2023-23529)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows\n attackers to execute code remotely. (CVE-2023-25358)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows\n attackers to execute code remotely. (CVE-2023-25360)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows\n attackers to execute code remotely. (CVE-2023-25361)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before\n 2.36.8 allows attackers to execute code remotely. (CVE-2023-25362)\n\n - A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before\n 2.36.8 allows attackers to execute code remotely. (CVE-2023-25363)\n\n - This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS\n 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may\n bypass Same Origin Policy (CVE-2023-27932)\n\n - The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, iOS\n 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be\n able to track sensitive user information (CVE-2023-27954)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura\n 13.3.1, iOS 16.4.1 and iPadOS 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1. Processing maliciously\n crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may\n have been actively exploited. (CVE-2023-28205)\n\n - An out-of-bounds read was addressed with improved input validation. (CVE-2023-28204)\n\n - A use-after-free issue was addressed with improved memory management. (CVE-2023-32373)\n\n - The issue was addressed with improved bounds checks. (CVE-2023-32409)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2023-2088.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-22592.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-27918.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-29623.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1765.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1788.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1789.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1799.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1801.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1817.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1820.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1825.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1826.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1844.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-1870.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-21775.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-21779.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-21806.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30661.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30663.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30665.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30666.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30682.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30689.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30720.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30734.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30744.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30749.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30758.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30761.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30762.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30795.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30797.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30799.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30809.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30818.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30836.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30846.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30848.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30849.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30851.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30887.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30888.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30889.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30890.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30934.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30936.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30951.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30952.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30953.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30954.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-30984.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-32912.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-42762.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-45481.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-45482.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-45483.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-22590.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-22592.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-22662.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-22677.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26700.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26709.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26710.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26716.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26717.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26719.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-30293.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32792.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32793.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32816.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32885.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32888.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-32923.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42799.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42824.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42826.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42852.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42856.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42863.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42867.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-46691.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-46692.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-46698.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-46699.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-46700.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-2203.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-23517.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-23518.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-23529.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-25358.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-25360.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-25361.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-25362.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-25363.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-27932.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-27954.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-28204.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-28205.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-32373.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-32409.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update webkitgtk4' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-30954\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-1870\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:webkitgtk4-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'webkitgtk4-2.38.5-3.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-2.38.5-3.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-2.38.5-3.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-devel-2.38.5-3.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-devel-2.38.5-3.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-devel-2.38.5-3.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-2.38.5-3.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-2.38.5-3.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-2.38.5-3.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkitgtk4 / webkitgtk4-debuginfo / webkitgtk4-devel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhat": [{"lastseen": "2023-08-16T15:29:43", "description": "GNOME is the default desktop environment of Red Hat Enterprise Linux.\n\nThe following packages have been upgraded to a later upstream version: gdm (40.0), webkit2gtk3 (2.32.3). (BZ#1909300)\n\nSecurity Fix(es):\n\n* webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558)\n\n* LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918)\n\n* webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-1788)\n\n* webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789)\n\n* webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799)\n\n* webkitgtk: IFrame sandboxing policy violation (CVE-2021-1801)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844)\n\n* webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870)\n\n* webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1871)\n\n* webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775)\n\n* webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779)\n\n* webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806)\n\n* webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663)\n\n* webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665)\n\n* webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682)\n\n* webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689)\n\n* webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720)\n\n* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734)\n\n* webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744)\n\n* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30749)\n\n* webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30795)\n\n* webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797)\n\n* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30799)\n\n* webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623)\n\n* gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (CVE-2020-36241)\n\n* gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-09T09:15:15", "type": "redhat", "title": "(RHSA-2021:4381) Moderate: GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13558", "CVE-2020-24870", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-36241", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-28650", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799"], "modified": "2021-11-09T14:09:49", "id": "RHSA-2021:4381", "href": "https://access.redhat.com/errata/RHSA-2021:4381", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es):\n\n* mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC) (CVE-2021-3948)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-20T06:27:36", "type": "redhat", "title": "(RHSA-2022:0202) Moderate: Migration Toolkit for Containers (MTC) 1.6.3 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658", "CVE-2018-20845", "CVE-2018-20847", "CVE-2018-25009", "CVE-2018-25010", "CVE-2018-25012", "CVE-2018-25013", "CVE-2018-25014", "CVE-2018-5727", "CVE-2018-5785", "CVE-2019-12973", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-10001", "CVE-2020-12762", "CVE-2020-13435", "CVE-2020-13558", "CVE-2020-14145", "CVE-2020-14155", "CVE-2020-15389", "CVE-2020-16135", "CVE-2020-17541", "CVE-2020-18032", "CVE-2020-24370", "CVE-2020-24870", "CVE-2020-27814", "CVE-2020-27823", "CVE-2020-27824", "CVE-2020-27828", "CVE-2020-27842", "CVE-2020-27843", "CVE-2020-27845", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-35521", "CVE-2020-35522", "CVE-2020-35523", "CVE-2020-35524", "CVE-2020-36241", "CVE-2020-36330", "CVE-2020-36331", "CVE-2020-36332", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-20266", "CVE-2021-20271", "CVE-2021-20321", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-22876", "CVE-2021-22898", "CVE-2021-22925", "CVE-2021-22946", "CVE-2021-22947", "CVE-2021-26926", "CVE-2021-26927", "CVE-2021-27645", "CVE-2021-28153", "CVE-2021-28650", "CVE-2021-29338", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-31535", "CVE-2021-3200", "CVE-2021-3272", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-33928", "CVE-2021-33929", "CVE-2021-33930", "CVE-2021-33938", "CVE-2021-3426", "CVE-2021-3445", "CVE-2021-3481", "CVE-2021-3572", "CVE-2021-3575", "CVE-2021-3580", "CVE-2021-35942", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-3712", "CVE-2021-3733", "CVE-2021-37750", "CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3800", "CVE-2021-3948", "CVE-2021-41617", "CVE-2021-42574", "CVE-2021-43527"], "modified": "2022-01-20T06:28:12", "id": "RHSA-2022:0202", "href": "https://access.redhat.com/errata/RHSA-2022:0202", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "rocky": [{"lastseen": "2023-07-24T17:25:49", "description": "An update is available for gnome-shell-extensions, webkit2gtk3, LibRaw, gnome-settings-daemon, gsettings-desktop-schemas, gnome-autoar, mutter, accountsservice, gnome-control-center, gnome-online-accounts, gnome-shell, gtk3, gdm, vino, gnome-software, gnome-session, gnome-calculator.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nGNOME is the default desktop environment of Rocky Linux.\n\nThe following packages have been upgraded to a later upstream version: gdm (40.0), webkit2gtk3 (2.32.3). (BZ#1909300)\n\nSecurity Fix(es):\n\n* webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558)\n\n* LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918)\n\n* webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-1788)\n\n* webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789)\n\n* webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799)\n\n* webkitgtk: IFrame sandboxing policy violation (CVE-2021-1801)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844)\n\n* webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870)\n\n* webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1871)\n\n* webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775)\n\n* webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779)\n\n* webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806)\n\n* webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663)\n\n* webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665)\n\n* webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682)\n\n* webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689)\n\n* webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720)\n\n* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734)\n\n* webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744)\n\n* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30749)\n\n* webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30795)\n\n* webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797)\n\n* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30799)\n\n* webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623)\n\n* gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (CVE-2020-36241)\n\n* gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-09T09:15:15", "type": "rocky", "title": "GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13558", "CVE-2020-24870", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-36241", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-28650", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799"], "modified": "2021-11-09T09:15:15", "id": "RLSA-2021:4381", "href": "https://errata.rockylinux.org/RLSA-2021:4381", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "almalinux": [{"lastseen": "2023-09-19T11:21:26", "description": "GNOME is the default desktop environment of AlmaLinux.\n\nThe following packages have been upgraded to a later upstream version: gdm (40.0), webkit2gtk3 (2.32.3). (BZ#1909300)\n\nSecurity Fix(es):\n\n* webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558)\n\n* LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918)\n\n* webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-1788)\n\n* webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789)\n\n* webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799)\n\n* webkitgtk: IFrame sandboxing policy violation (CVE-2021-1801)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844)\n\n* webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870)\n\n* webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1871)\n\n* webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775)\n\n* webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779)\n\n* webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806)\n\n* webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663)\n\n* webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665)\n\n* webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682)\n\n* webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689)\n\n* webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720)\n\n* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734)\n\n* webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744)\n\n* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30749)\n\n* webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30795)\n\n* webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797)\n\n* webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30799)\n\n* webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623)\n\n* gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (CVE-2020-36241)\n\n* gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-09T09:15:15", "type": "almalinux", "title": "Moderate: GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13558", "CVE-2020-24870", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-36241", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-28650", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799"], "modified": "2021-11-12T10:20:56", "id": "ALSA-2021:4381", "href": "https://errata.almalinux.org/8/ALSA-2021-4381.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2022-07-12T18:39:43", "description": "accountsservice\n[0.6.55-2]\n- Add support for user templates so user can specify default session\n Resolves: #1812788\ngdm\n[40.0-14]\n- Fix XDMCP\n Resolves: #2004170\n- Fix crash at shutdown\n Related: #2004170\n[40.0-13]\n- Disable Wayland on HyperV\n- Fix Xorg fallback\n Related: #1998989\n[40.0-12]\n- Redisable on server chips since rebase\n Related: #1909300\n[40.0-11]\n- Read session settings from users even if theyve never saved\n before. Needed to support accountsservice templated user\n defaults.\n Related: #1812788\n[40.0-10]\n- Let customers using vendor nvidia driver choose wayland sessions\n Resolves: #1962211\n- Drop unused patches\n[40.0-3]\n- Disable network items on login screen\n Resolves: #1935261\n[40.0-2]\n- Fix workaround for systemd bug thats breaking X11 fallback\n Resolves: #1962049\n[40.0-1]\n- Rebase to 40.0\n Resolves: #1909300\ngnome-autoar\n[0.2.3-2]\n- CVE-2020-36241, CVE-2021-28650: Do not allow symlink in parents (rhbz#1928701)\ngnome-calculator\n[3.28.2-2]\n- Allow disabling downloading by setting refresh interval to 0\n Resolves: #1957705\ngnome-control-center\n[3.28.2-28]\n- Update pt_BR translations\n- Resolves: #1978612\ngnome-online-accounts\n[3.28.2-3]\n- Disable the Facebook and Foursquare providers\nResolves: #1951086, #1952136\ngnome-session\n[3.28.1-13.0.1]\n- Update kiosk-session subpackage with Oracle references [Orabug: 32095108]\n[3.28.1-13]\n- Add patch to tell grub boot was successful when user is\n able to explicitly request shutdown/reboot.\n Resolves: #1914925\n[3.28.1-12]\n- Introduce gnome-wayland session to allow users that use\n Xorg on the login screen to try wayland for the user session.\n Related: #1962211\n[3.28.1-11]\n- Exclude kiosk-session from xsession subpackage\n- Disable VT switching when kiosk-session is installed\n Related: #1955754\ngnome-settings-daemon\n[3.32.0-16]\n- Update pt_BR translations\n- Resolves: #1978612\n[3.32.0-15]\n- Keep auto-logout working inside VMs\n Resolves: #1904139\ngnome-shell\n[3.32.2-40]\n- Add bugs introduced in backport for #1651378\n Related: #1999758\n- Tidy up patch list a bit\n[3.32.2-39]\n- Allow extensions on the login screen\n Related: #1651378\n[3.32.2-38]\n- Only mask text in password entries\n Resolves: #1987233\n[3.32.2-37]\n- Only warn once when not running under GDM\n Resolves: #1980661\n[3.32.2-36]\n- Add ability to lock down password showing\n Resolves: #1770302\n- Add requires on newer mutter version\n Related: #1937866\n[3.32.2-35]\n- Improve style of window preview close buttons\n Resolves: #1981420\n[3.32.2-34]\n- Add PolicyKit-authentication-agent virtual provides\n Resolves: #1978287\n[3.32.2-33]\n- Fix warnings on unlock\n Resolves: #1971534\n- Fix gdm lock screen\n Resolves: #1971507\n[3.32.2-32]\n- Fix network secret requests on login screen\n Related: #1935261\n[3.32.2-31]\n- Backport of touch mode\n Resolves: #1937866\ngnome-shell-extensions\n[3.32.1-20]\n- Add extension for displaying heads up message\n Related: #1651378\n[3.32.1-19]\n- Dont use status icon wm_class as top bar role\n Resolves: #1897932\n[3.32.1-18]\n- Add gesture-inhibitor extension\n Resolves: #1854679\n[3.32.1-17]\n- Handle touchscreens on Wayland in the desktop-icons extension\n Resolves: #1924725\n[3.32.1-16]\n- Fix opening files with (wrongly) set executable bit\n Resolves: #1813727\ngnome-software\n[3.36.1-10]\n- Resolves: #1978505 (Development package is missing important header files)\n[3.36.1-9]\n- Resolves: #1972545 (flatpak: Prefer runtime from the same origin as the application)\n[3.36.1-8]\n- Resolves: #1888404 (Updates page hides ongoing updates on refresh)\n[3.36.1-7]\n- Resolves: #1873297 (Crash when run as root)\n[3.36.1-6]\n- Resolves: #1791478 (Cannot completely disable ODRS (GNOME Ratings))\ngsettings-desktop-schemas\n[3.32.0-6]\n- Add setting for locking down Show Password in entries\n Related: #1770302\ngtk3\n[3.22.30-8]\n- Make reftests work in a vm\n[3.22.30-7]\n- Only mention Emoji in context menus when requested (rhbz#1893196)\n- Fix warnings from non-overlay scrollbars (rhbz#1873488)\nLibRaw\n[0.19.5-3]\n- Backport fix for CVE-2020-24870 from upstream\nResolves: #1931841\nmutter\n[3.32.2-60]\n- Backport fix avoiding DND regression\n Resolves: #1999120\n[3.32.2-59]\n- Backport fixes avoiding frozen partly off-screen clients\n Resolves: #1989035\n[3.32.2-58]\n- Backport xauth and xhost patches\n Resolves: #1949176\nvino\n[3.22.0-11]\n- Fix crashes under FIPS\n- Resolves: #1960705\nwebkit2gtk3\n[2.32.3-2]\n- Fix CVE-2021-30858\n- Resolves: #2006428\n[2.32.3-1]\n- Update to 2.32.3\n- Related: #1937416\n[2.32.2-1]\n- Update to 2.32.2\n- Related: #1937416\n[2.32.1-1]\n- Update to 2.32.1\n- Related: #1937416\n[2.32.0-1]\n- Update to 2.32.0\n- Related: #1937416", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-16T00:00:00", "type": "oraclelinux", "title": "GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13558", "CVE-2020-24870", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-36241", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-28650", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799"], "modified": "2021-11-16T00:00:00", "id": "ELSA-2021-4381", "href": "http://linux.oracle.com/errata/ELSA-2021-4381.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2022-11-08T06:10:02", "description": "An update that fixes 43 vulnerabilities is now available.\n\nDescription:\n\n This update for webkit2gtk3 fixes the following issues:\n\n - Update to version 2.34.3 (bsc#1194019).\n - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced\n Content Security Policy when processing maliciously crafted web content.\n - CVE-2021-30890: Fixed logic issue allowing universal cross site\n scripting when processing maliciously crafted web content.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-182=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-01-25T00:00:00", "type": "suse", "title": "Security update for webkit2gtk3 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2022-01-25T00:00:00", "id": "OPENSUSE-SU-2022:0182-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FK6EK2KGH7KDPXCBN2Q3SSAVOCIXNCFX/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-18T12:39:45", "description": "An update that fixes 43 vulnerabilities is now available.\n\nDescription:\n\n This update for webkit2gtk3 fixes the following issues:\n\n - Update to version 2.34.3 (bsc#1194019).\n - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced\n Content Security Policy when processing maliciously crafted web content.\n - CVE-2021-30890: Fixed logic issue allowing universal cross site\n scripting when processing maliciously crafted web content.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-182=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-02-17T00:00:00", "type": "suse", "title": "Security update for webkit2gtk3 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8766", "CVE-2019-8782", "CVE-2019-8808", "CVE-2019-8815", "CVE-2020-13753", "CVE-2020-27918", "CVE-2020-29623", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9947", "CVE-2020-9948", "CVE-2020-9951", "CVE-2020-9952", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-30661", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897"], "modified": "2022-02-17T00:00:00", "id": "OPENSUSE-SU-2022:0182-2", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IILRBHE4XKYN4SZKE6UX55V3HK54NAIK/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2023-05-27T14:58:14", "description": "### Background\n\nWebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. \n\n### Description\n\nMultiple vulnerabilities have been discovered in WebkitGTK+. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker, by enticing a user to visit maliciously crafted web content, may be able to execute arbitrary code, violate iframe sandboxing policy, access restricted ports on arbitrary servers, cause memory corruption, or could cause a Denial of Service condition.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll WebkitGTK+ users should upgrade to the latest version:\n \n \n \t\t\t# emerge --sync\n \t\t\t# emerge --ask --oneshot --verbose \">=net-libs/webkit-gtk-2.34.4\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-01T00:00:00", "type": "gentoo", "title": "WebkitGTK+: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1788", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1871", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-30661", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30823", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30858", "CVE-2021-30884", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30897", "CVE-2021-30934", "CVE-2021-30936", "CVE-2021-30951", "CVE-2021-30952", "CVE-2021-30953", "CVE-2021-30954", "CVE-2021-30984", "CVE-2021-42762", "CVE-2021-45482"], "modified": "2022-02-01T00:00:00", "id": "GLSA-202202-01", "href": "https://security.gentoo.org/glsa/202202-01", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2023-09-07T04:19:30", "description": "**Issue Overview:**\n\nA logic issue was addressed with improved state management. (CVE-2020-22592)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-27918)\n\n\"Clear History and Website Data\" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete browsing history. (CVE-2020-29623)\n\nThis issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1765)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1788)\n\nA type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1789)\n\nA port redirection issue was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. A malicious website may be able to access restricted ports on arbitrary servers. The highest threat from this vulnerability is to data integrity. (CVE-2021-1799)\n\nThis issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2021-1801)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1817)\n\nA memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2021-1820)\n\nAn input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2021-1825)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-1826)\n\nA memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-1844)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-1870)\n\nA use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. (CVE-2021-21775)\n\nA use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. (CVE-2021-21779)\n\nAn exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. (CVE-2021-21806)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30661)\n\nAn integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30663)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30665)\n\nA buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. (CVE-2021-30682)\n\nA logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30689)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. (CVE-2021-30720)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30734)\n\nDescription: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30744)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30749)\n\nA type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30758)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30795)\n\nThis issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30797)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30799)\n\nA use-after-free flaw was found in WebKitGTK. Specially crafted web content could use this flaw to trigger an arbitrary code execution when processed. (CVE-2021-30809)\n\nA confusion type flaw was found in WebKitGTK. Specially crafted web content could use this flaw to trigger an arbitrary code execution when processed. (CVE-2021-30818)\n\nAn out-of-bounds read flaw was found in WebKitGTK. A specially crafted audio file could use this flaw to trigger a disclosure of memory when processed. (CVE-2021-30836)\n\nA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30846)\n\nA memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30848)\n\nMultiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30849)\n\nA memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. (CVE-2021-30851)\n\nA logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)\n\nAn information leak flaw was found in WebKitGTK. A malicious web site using Content Security Policy reports could use this flaw to leak information via redirects. (CVE-2021-30888)\n\nA buffer overflow flaw was found in WebKitGTK. Specially crafted web content could use this flaw to trigger an arbitrary code execution when processed. (CVE-2021-30889)\n\nA logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)\n\nA buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30934)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30936)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30951)\n\nAn integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30952)\n\nAn out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30953)\n\nA type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30954)\n\nA race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2021-30984)\n\n** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none. (CVE-2021-32912)\n\nBubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact is limited to host services that create UNIX sockets that WebKit mounts inside its sandbox, and the sandboxed process remains otherwise confined. NOTE: this is similar to CVE-2021-41133. (CVE-2021-42762)\n\nA segmentation violation vulnerability was found in webkitgtk. An attacker with network access could pass specially crafted HTML files causing an application to halt or crash. (CVE-2021-45481)\n\nA use-after-free vulnerability was found in webkitgtk. An attacker with network access could pass specially crafted HTML files causing an application to halt or crash. (CVE-2021-45482)\n\nA use-after-free vulnerability was found in webkitgtk. An attacker with network access could pass specially crafted HTML files causing an application to halt or crash. (CVE-2021-45483)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-22590)\n\nA logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2022-22592)\n\nA cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-22662)\n\nA logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call. (CVE-2022-22677)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution. (CVE-2022-26700)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26709)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26710)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26716)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26717)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-26719)\n\nIn WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. (CVE-2022-30293)\n\nAn out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32792)\n\nMultiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. (CVE-2022-32793)\n\nThe issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing. (CVE-2022-32816)\n\nProcessing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32885)\n\nAn out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-32888)\n\nA correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app. (CVE-2022-32923)\n\nThe issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. (CVE-2022-42799)\n\nA logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-42824)\n\nProcessing maliciously crafted web content may lead to arbitrary code execution\n\nRESERVED \nNOTE: https://webkitgtk.org/security/WSA-2023-0001.html (CVE-2022-42826)\n\nThe issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory. (CVE-2022-42852)\n\nA type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.. (CVE-2022-42856)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42863)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42867)\n\nA memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46691)\n\nA logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy. (CVE-2022-46692)\n\nA logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information. (CVE-2022-46698)\n\nA memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46699)\n\nA memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-46700)\n\nA flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. (CVE-2023-2203)\n\nProcessing maliciously crafted web content may lead to arbitrary code execution (CVE-2023-23517)\n\nProcessing maliciously crafted web content may lead to arbitrary code execution (CVE-2023-23518)\n\nA vulnerability was found in WebKitGTK. This issue occurs when processing maliciously crafted web content in WebKit. This may, in theory, allow a remote attacker to create a specially crafted web page, trick the victim into opening it, trigger type confusion, and execute arbitrary code on the target system. (CVE-2023-23529)\n\nA use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25358)\n\nA use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25360)\n\nA use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25361)\n\nA use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25362)\n\nA use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. (CVE-2023-25363)\n\nThe vulnerability allows a remote attacker to bypass Same Origin Policy restrictions. (CVE-2023-27932)\n\nThe vulnerability exists due to excessive data output by the application. A remote attacker can track sensitive user information. (CVE-2023-27954)\n\nAn out-of-bounds read issue in WebKit that could be abused to disclose sensitive information when processing web content. It was addressed with improved input validation. (CVE-2023-28204)\n\nA use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. (CVE-2023-28205)\n\nA use-after free bug in WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. It was addressed with improved memory management. (CVE-2023-32373)\n\nN/A (CVE-2023-32409)\n\n \n**Affected Packages:** \n\n\nwebkitgtk4\n\n \n**Issue Correction:** \nRun _yum update webkitgtk4_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 webkitgtk4-2.38.5-3.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-devel-2.38.5-3.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-2.38.5-3.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 webkitgtk4-2.38.5-3.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-devel-2.38.5-3.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-2.38.5-3.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1.i686 \n \n src: \n \u00a0\u00a0\u00a0 webkitgtk4-2.38.5-3.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 webkitgtk4-2.38.5-3.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-devel-2.38.5-3.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-2.38.5-3.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-jsc-devel-2.38.5-3.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 webkitgtk4-debuginfo-2.38.5-3.amzn2.0.1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2020-22592](<https://access.redhat.com/security/cve/CVE-2020-22592>), [CVE-2020-27918](<https://access.redhat.com/security/cve/CVE-2020-27918>), [CVE-2020-29623](<https://access.redhat.com/security/cve/CVE-2020-29623>), [CVE-2021-1765](<https://access.redhat.com/security/cve/CVE-2021-1765>), [CVE-2021-1788](<https://access.redhat.com/security/cve/CVE-2021-1788>), [CVE-2021-1789](<https://access.redhat.com/security/cve/CVE-2021-1789>), [CVE-2021-1799](<https://access.redhat.com/security/cve/CVE-2021-1799>), [CVE-2021-1801](<https://access.redhat.com/security/cve/CVE-2021-1801>), [CVE-2021-1817](<https://access.redhat.com/security/cve/CVE-2021-1817>), [CVE-2021-1820](<https://access.redhat.com/security/cve/CVE-2021-1820>), [CVE-2021-1825](<https://access.redhat.com/security/cve/CVE-2021-1825>), [CVE-2021-1826](<https://access.redhat.com/security/cve/CVE-2021-1826>), [CVE-2021-1844](<https://access.redhat.com/security/cve/CVE-2021-1844>), [CVE-2021-1870](<https://access.redhat.com/security/cve/CVE-2021-1870>), [CVE-2021-21775](<https://access.redhat.com/security/cve/CVE-2021-21775>), [CVE-2021-21779](<https://access.redhat.com/security/cve/CVE-2021-21779>), [CVE-2021-21806](<https://access.redhat.com/security/cve/CVE-2021-21806>), [CVE-2021-30661](<https://access.redhat.com/security/cve/CVE-2021-30661>), [CVE-2021-30663](<https://access.redhat.com/security/cve/CVE-2021-30663>), [CVE-2021-30665](<https://access.redhat.com/security/cve/CVE-2021-30665>), [CVE-2021-30666](<https://access.redhat.com/security/cve/CVE-2021-30666>), [CVE-2021-30682](<https://access.redhat.com/security/cve/CVE-2021-30682>), [CVE-2021-30689](<https://access.redhat.com/security/cve/CVE-2021-30689>), [CVE-2021-30720](<https://access.redhat.com/security/cve/CVE-2021-30720>), [CVE-2021-30734](<https://access.redhat.com/security/cve/CVE-2021-30734>), [CVE-2021-30744](<https://access.redhat.com/security/cve/CVE-2021-30744>), [CVE-2021-30749](<https://access.redhat.com/security/cve/CVE-2021-30749>), [CVE-2021-30758](<https://access.redhat.com/security/cve/CVE-2021-30758>), [CVE-2021-30761](<https://access.redhat.com/security/cve/CVE-2021-30761>), [CVE-2021-30762](<https://access.redhat.com/security/cve/CVE-2021-30762>), [CVE-2021-30795](<https://access.redhat.com/security/cve/CVE-2021-30795>), [CVE-2021-30797](<https://access.redhat.com/security/cve/CVE-2021-30797>), [CVE-2021-30799](<https://access.redhat.com/security/cve/CVE-2021-30799>), [CVE-2021-30809](<https://access.redhat.com/security/cve/CVE-2021-30809>), [CVE-2021-30818](<https://access.redhat.com/security/cve/CVE-2021-30818>), [CVE-2021-30836](<https://access.redhat.com/security/cve/CVE-2021-30836>), [CVE-2021-30846](<https://access.redhat.com/security/cve/CVE-2021-30846>), [CVE-2021-30848](<https://access.redhat.com/security/cve/CVE-2021-30848>), [CVE-2021-30849](<https://access.redhat.com/security/cve/CVE-2021-30849>), [CVE-2021-30851](<https://access.redhat.com/security/cve/CVE-2021-30851>), [CVE-2021-30887](<https://access.redhat.com/security/cve/CVE-2021-30887>), [CVE-2021-30888](<https://access.redhat.com/security/cve/CVE-2021-30888>), [CVE-2021-30889](<https://access.redhat.com/security/cve/CVE-2021-30889>), [CVE-2021-30890](<https://access.redhat.com/security/cve/CVE-2021-30890>), [CVE-2021-30934](<https://access.redhat.com/security/cve/CVE-2021-30934>), [CVE-2021-30936](<https://access.redhat.com/security/cve/CVE-2021-30936>), [CVE-2021-30951](<https://access.redhat.com/security/cve/CVE-2021-30951>), [CVE-2021-30952](<https://access.redhat.com/security/cve/CVE-2021-30952>), [CVE-2021-30953](<https://access.redhat.com/security/cve/CVE-2021-30953>), [CVE-2021-30954](<https://access.redhat.com/security/cve/CVE-2021-30954>), [CVE-2021-30984](<https://access.redhat.com/security/cve/CVE-2021-30984>), [CVE-2021-32912](<https://access.redhat.com/security/cve/CVE-2021-32912>), [CVE-2021-42762](<https://access.redhat.com/security/cve/CVE-2021-42762>), [CVE-2021-45481](<https://access.redhat.com/security/cve/CVE-2021-45481>), [CVE-2021-45482](<https://access.redhat.com/security/cve/CVE-2021-45482>), [CVE-2021-45483](<https://access.redhat.com/security/cve/CVE-2021-45483>), [CVE-2022-22590](<https://access.redhat.com/security/cve/CVE-2022-22590>), [CVE-2022-22592](<https://access.redhat.com/security/cve/CVE-2022-22592>), [CVE-2022-22662](<https://access.redhat.com/security/cve/CVE-2022-22662>), [CVE-2022-22677](<https://access.redhat.com/security/cve/CVE-2022-22677>), [CVE-2022-26700](<https://access.redhat.com/security/cve/CVE-2022-26700>), [CVE-2022-26709](<https://access.redhat.com/security/cve/CVE-2022-26709>), [CVE-2022-26710](<https://access.redhat.com/security/cve/CVE-2022-26710>), [CVE-2022-26716](<https://access.redhat.com/security/cve/CVE-2022-26716>), [CVE-2022-26717](<https://access.redhat.com/security/cve/CVE-2022-26717>), [CVE-2022-26719](<https://access.redhat.com/security/cve/CVE-2022-26719>), [CVE-2022-30293](<https://access.redhat.com/security/cve/CVE-2022-30293>), [CVE-2022-32792](<https://access.redhat.com/security/cve/CVE-2022-32792>), [CVE-2022-32793](<https://access.redhat.com/security/cve/CVE-2022-32793>), [CVE-2022-32816](<https://access.redhat.com/security/cve/CVE-2022-32816>), [CVE-2022-32885](<https://access.redhat.com/security/cve/CVE-2022-32885>), [CVE-2022-32888](<https://access.redhat.com/security/cve/CVE-2022-32888>), [CVE-2022-32923](<https://access.redhat.com/security/cve/CVE-2022-32923>), [CVE-2022-42799](<https://access.redhat.com/security/cve/CVE-2022-42799>), [CVE-2022-42824](<https://access.redhat.com/security/cve/CVE-2022-42824>), [CVE-2022-42826](<https://access.redhat.com/security/cve/CVE-2022-42826>), [CVE-2022-42852](<https://access.redhat.com/security/cve/CVE-2022-42852>), [CVE-2022-42856](<https://access.redhat.com/security/cve/CVE-2022-42856>), [CVE-2022-42863](<https://access.redhat.com/security/cve/CVE-2022-42863>), [CVE-2022-42867](<https://access.redhat.com/security/cve/CVE-2022-42867>), [CVE-2022-46691](<https://access.redhat.com/security/cve/CVE-2022-46691>), [CVE-2022-46692](<https://access.redhat.com/security/cve/CVE-2022-46692>), [CVE-2022-46698](<https://access.redhat.com/security/cve/CVE-2022-46698>), [CVE-2022-46699](<https://access.redhat.com/security/cve/CVE-2022-46699>), [CVE-2022-46700](<https://access.redhat.com/security/cve/CVE-2022-46700>), [CVE-2023-2203](<https://access.redhat.com/security/cve/CVE-2023-2203>), [CVE-2023-23517](<https://access.redhat.com/security/cve/CVE-2023-23517>), [CVE-2023-23518](<https://access.redhat.com/security/cve/CVE-2023-23518>), [CVE-2023-23529](<https://access.redhat.com/security/cve/CVE-2023-23529>), [CVE-2023-25358](<https://access.redhat.com/security/cve/CVE-2023-25358>), [CVE-2023-25360](<https://access.redhat.com/security/cve/CVE-2023-25360>), [CVE-2023-25361](<https://access.redhat.com/security/cve/CVE-2023-25361>), [CVE-2023-25362](<https://access.redhat.com/security/cve/CVE-2023-25362>), [CVE-2023-25363](<https://access.redhat.com/security/cve/CVE-2023-25363>), [CVE-2023-27932](<https://access.redhat.com/security/cve/CVE-2023-27932>), [CVE-2023-27954](<https://access.redhat.com/security/cve/CVE-2023-27954>), [CVE-2023-28204](<https://access.redhat.com/security/cve/CVE-2023-28204>), [CVE-2023-28205](<https://access.redhat.com/security/cve/CVE-2023-28205>), [CVE-2023-32373](<https://access.redhat.com/security/cve/CVE-2023-32373>), [CVE-2023-32409](<https://access.redhat.com/security/cve/CVE-2023-32409>)\n\nMitre: [CVE-2020-22592](<https://vulners.com/cve/CVE-2020-22592>), [CVE-2020-27918](<https://vulners.com/cve/CVE-2020-27918>), [CVE-2020-29623](<https://vulners.com/cve/CVE-2020-29623>), [CVE-2021-1765](<https://vulners.com/cve/CVE-2021-1765>), [CVE-2021-1788](<https://vulners.com/cve/CVE-2021-1788>), [CVE-2021-1789](<https://vulners.com/cve/CVE-2021-1789>), [CVE-2021-1799](<https://vulners.com/cve/CVE-2021-1799>), [CVE-2021-1801](<https://vulners.com/cve/CVE-2021-1801>), [CVE-2021-1817](<https://vulners.com/cve/CVE-2021-1817>), [CVE-2021-1820](<https://vulners.com/cve/CVE-2021-1820>), [CVE-2021-1825](<https://vulners.com/cve/CVE-2021-1825>), [CVE-2021-1826](<https://vulners.com/cve/CVE-2021-1826>), [CVE-2021-1844](<https://vulners.com/cve/CVE-2021-1844>), [CVE-2021-1870](<https://vulners.com/cve/CVE-2021-1870>), [CVE-2021-21775](<https://vulners.com/cve/CVE-2021-21775>), [CVE-2021-21779](<https://vulners.com/cve/CVE-2021-21779>), [CVE-2021-21806](<https://vulners.com/cve/CVE-2021-21806>), [CVE-2021-30661](<https://vulners.com/cve/CVE-2021-30661>), [CVE-2021-30663](<https://vulners.com/cve/CVE-2021-30663>), [CVE-2021-30665](<https://vulners.com/cve/CVE-2021-30665>), [CVE-2021-30666](<https://vulners.com/cve/CVE-2021-30666>), [CVE-2021-30682](<https://vulners.com/cve/CVE-2021-30682>), [CVE-2021-30689](<https://vulners.com/cve/CVE-2021-30689>), [CVE-2021-30720](<https://vulners.com/cve/CVE-2021-30720>), [CVE-2021-30734](<https://vulners.com/cve/CVE-2021-30734>), [CVE-2021-30744](<https://vulners.com/cve/CVE-2021-30744>), [CVE-2021-30749](<https://vulners.com/cve/CVE-2021-30749>), [CVE-2021-30758](<https://vulners.com/cve/CVE-2021-30758>), [CVE-2021-30761](<https://vulners.com/cve/CVE-2021-30761>), [CVE-2021-30762](<https://vulners.com/cve/CVE-2021-30762>), [CVE-2021-30795](<https://vulners.com/cve/CVE-2021-30795>), [CVE-2021-30797](<https://vulners.com/cve/CVE-2021-30797>), [CVE-2021-30799](<https://vulners.com/cve/CVE-2021-30799>), [CVE-2021-30809](<https://vulners.com/cve/CVE-2021-30809>), [CVE-2021-30818](<https://vulners.com/cve/CVE-2021-30818>), [CVE-2021-30836](<https://vulners.com/cve/CVE-2021-30836>), [CVE-2021-30846](<https://vulners.com/cve/CVE-2021-30846>), [CVE-2021-30848](<https://vulners.com/cve/CVE-2021-30848>), [CVE-2021-30849](<https://vulners.com/cve/CVE-2021-30849>), [CVE-2021-30851](<https://vulners.com/cve/CVE-2021-30851>), [CVE-2021-30887](<https://vulners.com/cve/CVE-2021-30887>), [CVE-2021-30888](<https://vulners.com/cve/CVE-2021-30888>), [CVE-2021-30889](<https://vulners.com/cve/CVE-2021-30889>), [CVE-2021-30890](<https://vulners.com/cve/CVE-2021-30890>), [CVE-2021-30934](<https://vulners.com/cve/CVE-2021-30934>), [CVE-2021-30936](<https://vulners.com/cve/CVE-2021-30936>), [CVE-2021-30951](<https://vulners.com/cve/CVE-2021-30951>), [CVE-2021-30952](<https://vulners.com/cve/CVE-2021-30952>), [CVE-2021-30953](<https://vulners.com/cve/CVE-2021-30953>), [CVE-2021-30954](<https://vulners.com/cve/CVE-2021-30954>), [CVE-2021-30984](<https://vulners.com/cve/CVE-2021-30984>), [CVE-2021-32912](<https://vulners.com/cve/CVE-2021-32912>), [CVE-2021-42762](<https://vulners.com/cve/CVE-2021-42762>), [CVE-2021-45481](<https://vulners.com/cve/CVE-2021-45481>), [CVE-2021-45482](<https://vulners.com/cve/CVE-2021-45482>), [CVE-2021-45483](<https://vulners.com/cve/CVE-2021-45483>), [CVE-2022-22590](<https://vulners.com/cve/CVE-2022-22590>), [CVE-2022-22592](<https://vulners.com/cve/CVE-2022-22592>), [CVE-2022-22662](<https://vulners.com/cve/CVE-2022-22662>), [CVE-2022-22677](<https://vulners.com/cve/CVE-2022-22677>), [CVE-2022-26700](<https://vulners.com/cve/CVE-2022-26700>), [CVE-2022-26709](<https://vulners.com/cve/CVE-2022-26709>), [CVE-2022-26710](<https://vulners.com/cve/CVE-2022-26710>), [CVE-2022-26716](<https://vulners.com/cve/CVE-2022-26716>), [CVE-2022-26717](<https://vulners.com/cve/CVE-2022-26717>), [CVE-2022-26719](<https://vulners.com/cve/CVE-2022-26719>), [CVE-2022-30293](<https://vulners.com/cve/CVE-2022-30293>), [CVE-2022-32792](<https://vulners.com/cve/CVE-2022-32792>), [CVE-2022-32793](<https://vulners.com/cve/CVE-2022-32793>), [CVE-2022-32816](<https://vulners.com/cve/CVE-2022-32816>), [CVE-2022-32885](<https://vulners.com/cve/CVE-2022-32885>), [CVE-2022-32888](<https://vulners.com/cve/CVE-2022-32888>), [CVE-2022-32923](<https://vulners.com/cve/CVE-2022-32923>), [CVE-2022-42799](<https://vulners.com/cve/CVE-2022-42799>), [CVE-2022-42824](<https://vulners.com/cve/CVE-2022-42824>), [CVE-2022-42826](<https://vulners.com/cve/CVE-2022-42826>), [CVE-2022-42852](<https://vulners.com/cve/CVE-2022-42852>), [CVE-2022-42856](<https://vulners.com/cve/CVE-2022-42856>), [CVE-2022-42863](<https://vulners.com/cve/CVE-2022-42863>), [CVE-2022-42867](<https://vulners.com/cve/CVE-2022-42867>), [CVE-2022-46691](<https://vulners.com/cve/CVE-2022-46691>), [CVE-2022-46692](<https://vulners.com/cve/CVE-2022-46692>), [CVE-2022-46698](<https://vulners.com/cve/CVE-2022-46698>), [CVE-2022-46699](<https://vulners.com/cve/CVE-2022-46699>), [CVE-2022-46700](<https://vulners.com/cve/CVE-2022-46700>), [CVE-2023-2203](<https://vulners.com/cve/CVE-2023-2203>), [CVE-2023-23517](<https://vulners.com/cve/CVE-2023-23517>), [CVE-2023-23518](<https://vulners.com/cve/CVE-2023-23518>), [CVE-2023-23529](<https://vulners.com/cve/CVE-2023-23529>), [CVE-2023-25358](<https://vulners.com/cve/CVE-2023-25358>), [CVE-2023-25360](<https://vulners.com/cve/CVE-2023-25360>), [CVE-2023-25361](<https://vulners.com/cve/CVE-2023-25361>), [CVE-2023-25362](<https://vulners.com/cve/CVE-2023-25362>), [CVE-2023-25363](<https://vulners.com/cve/CVE-2023-25363>), [CVE-2023-27932](<https://vulners.com/cve/CVE-2023-27932>), [CVE-2023-27954](<https://vulners.com/cve/CVE-2023-27954>), [CVE-2023-28204](<https://vulners.com/cve/CVE-2023-28204>), [CVE-2023-28205](<https://vulners.com/cve/CVE-2023-28205>), [CVE-2023-32373](<https://vulners.com/cve/CVE-2023-32373>), [CVE-2023-32409](<https://vulners.com/cve/CVE-2023-32409>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-06-07T23:52:00", "type": "amazon", "title": "Important: webkitgtk4", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-22592", "CVE-2020-27918", "CVE-2020-29623", "CVE-2021-1765", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1817", "CVE-2021-1820", "CVE-2021-1825", "CVE-2021-1826", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-30661", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30666", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30761", "CVE-2021-30762", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-30809", "CVE-2021-30818", "CVE-2021-30836", "CVE-2021-30846", "CVE-2021-30848", "CVE-2021-30849", "CVE-2021-30851", "CVE-2021-30887", "CVE-2021-30888", "CVE-2021-30889", "CVE-2021-30890", "CVE-2021-30934", "CVE-2021-30936", "CVE-2021-30951", "CVE-2021-30952", "CVE-2021-30953", "CVE-2021-30954", "CVE-2021-30984", "CVE-2021-32912", "CVE-2021-41133", "CVE-2021-42762", "CVE-2021-45481", "CVE-2021-45482", "CVE-2021-45483", "CVE-2022-22590", "CVE-2022-22592", "CVE-2022-22662", "CVE-2022-22677", "CVE-2022-26700", "CVE-2022-26709", "CVE-2022-26710", "CVE-2022-26716", "CVE-2022-26717", "CVE-2022-26719", "CVE-2022-30293", "CVE-2022-32792", "CVE-2022-32793", "CVE-2022-32816", "CVE-2022-32885", "CVE-2022-32888", "CVE-2022-32923", "CVE-2022-42799", "CVE-2022-42824", "CVE-2022-42826", "CVE-2022-42852", "CVE-2022-42856", "CVE-2022-42863", "CVE-2022-42867", "CVE-2022-46691", "CVE-2022-46692", "CVE-2022-46698", "CVE-2022-46699", "CVE-2022-46700", "CVE-2023-2203", "CVE-2023-23517", "CVE-2023-23518", "CVE-2023-23529", "CVE-2023-25358", "CVE-2023-25360", "CVE-2023-25361", "CVE-2023-25362", "CVE-2023-25363", "CVE-2023-27932", "CVE-2023-27954", "CVE-2023-28204", "CVE-2023-28205", "CVE-2023-32373", "CVE-2023-32409"], "modified": "2023-06-12T23:09:00", "id": "ALAS2-2023-2088", "href": "https://alas.aws.amazon.com/AL2/ALAS-2023-2088.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ibm": [{"lastseen": "2023-09-24T10:18:49", "description": "## Summary\n\nCloud Pak for Security (CP4S) v1.8.1.0 and earlier uses packages that are vulnerable to several CVEs. These have been remediated in the latest product release. Please see below for CVE details and the Remediation section for upgrade instructions. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-8985](<https://vulners.com/cve/CVE-2015-8985>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by a flaw in the pop_fail_stack function. By using a specially crafted extended regular expression, a remote attacker could cause an assertion failure and application crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126591](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126591>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2015-8984](<https://vulners.com/cve/CVE-2015-8984>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by an out-of-bounds read in the fnmatch function. By using a malformed pattern, a remote attacker could cause the application crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126595](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126595>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3426](<https://vulners.com/cve/CVE-2021-3426>) \n** DESCRIPTION: **Python pydoc module could allow a remote attacker from within the local network obtain sensitive information. By starting the pydoc server, an attacker could exploit this vulnerability to extract arbitrary files. \nCVSS Base score: 5.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201171](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201171>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2007-3716](<https://vulners.com/cve/CVE-2007-3716>) \n** DESCRIPTION: **Sun JRE (Java Runtime Environment) and JDK (Java Developer's Kit) could allow a remote attacker to execute arbitrary code on the system, caused by a vulnerability in the XML Digital Signature implementation. By sending a specially-crafted XML signature containing a malicious XSLT stylesheet, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the application's permissions. \nCVSS Base score: 5.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/35332](<https://exchange.xforce.ibmcloud.com/vulnerabilities/35332>) for the current score. \nCVSS Vector: \n \n** CVEID: **[CVE-2017-18018](<https://vulners.com/cve/CVE-2017-18018>) \n** DESCRIPTION: **GNU Coreutils could allow a local attacker to bypass security restrictions, caused by not preventing replacement of a plain file with a symlink issue in chown-core.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to modify the ownership of arbitrary files. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/137123](<https://exchange.xforce.ibmcloud.com/vulnerabilities/137123>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2018-17101](<https://vulners.com/cve/CVE-2018-17101>) \n** DESCRIPTION: **LibTIFF is vulnerable to a denial of service, caused by an out-of-bounds write in cpTags in tools/tiff2bw.c and tools/pal2rgb.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149976](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149976>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-10001](<https://vulners.com/cve/CVE-2020-10001>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to obtain sensitive information, caused by improper input validation by the CUPS component. By persuading a victim to open a specially-crafted application, an attacker could exploit this vulnerability to obtain restricted memory information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199353](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199353>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-35448](<https://vulners.com/cve/CVE-2020-35448>) \n** DESCRIPTION: **GNU Binutils is vulnerable to a denial of service, caused by a heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd). By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-26927](<https://vulners.com/cve/CVE-2021-26927>) \n** DESCRIPTION: **JasPer is vulnerable to a denial of service, caused by a NULL pointer dereference in jp2_decode in jp2_dec.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197351](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197351>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-28153](<https://vulners.com/cve/CVE-2021-28153>) \n** DESCRIPTION: **GNOME GLib could allow a remote attacker to bypass security restrictions, caused by a flaw when g_file_replace() function is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink. By persuading a victim to open a specially-crafted ZIP archive, an attacker could exploit this vulnerability to overwrite arbitrary files on the sytem. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198147](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198147>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2017-13728](<https://vulners.com/cve/CVE-2017-13728>) \n** DESCRIPTION: **GNU ncurses is vulnerable to a denial of service, caused by an error in the next_char function in comp_scan.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131172](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131172>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7613](<https://vulners.com/cve/CVE-2017-7613>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory allocation failure in elflint.c . By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124513](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124513>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7612](<https://vulners.com/cve/CVE-2017-7612>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in the check_sysv_hash function in elflint.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124512](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124512>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7611](<https://vulners.com/cve/CVE-2017-7611>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in check_symtab_shndx function in elflint.c . By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124511](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124511>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7610](<https://vulners.com/cve/CVE-2017-7610>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read check_group function in elflint.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124510](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124510>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7609](<https://vulners.com/cve/CVE-2017-7609>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory consumption in elf_compress.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124509](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124509>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7608](<https://vulners.com/cve/CVE-2017-7608>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in ebl_object_note_type_name function in eblobjnotetypename.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124508](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124508>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7607](<https://vulners.com/cve/CVE-2017-7607>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read handle_gnu_hash function in readelf.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124507](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124507>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-10255](<https://vulners.com/cve/CVE-2016-10255>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory allocation failure in __libelf_set_rawdata_wrlock function in elf_getdata.c. By persuading a victim to open a specially crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-10254](<https://vulners.com/cve/CVE-2016-10254>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory allocation failure in allocate_elf function in common.h. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124086](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124086>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-14062](<https://vulners.com/cve/CVE-2017-14062>) \n** DESCRIPTION: **Libidn2 is vulnerable to a denial of service, caused by an integer overflow in the decode_digit function in puny_decode.c. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7246](<https://vulners.com/cve/CVE-2017-7246>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by a stack-based buffer overflow flaw in the pcre32_copy_substring function in pcre_get.c in libpcre1. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash or other unspecified impact. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/123733](<https://exchange.xforce.ibmcloud.com/vulnerabilities/123733>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7245](<https://vulners.com/cve/CVE-2017-7245>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by a stack-based buffer overflow flaw in the pcre32_copy_substring function in pcre_get.c in libpcre1. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash or other unspecified impact. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/123732](<https://exchange.xforce.ibmcloud.com/vulnerabilities/123732>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-4984](<https://vulners.com/cve/CVE-2016-4984>) \n** DESCRIPTION: **openldap-servers could allow a local authenticated attacker to obtain sensitive information, caused by a weak permission for /usr/libexec/openldap/generate-server-cert.sh issue. By leveraging a race condition between the creation of the certificate, a local attacker could exploit this vulnerability to obtain the TLS certificate. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129440](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129440>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2016-9318](<https://vulners.com/cve/CVE-2016-9318>) \n** DESCRIPTION: **Libxml2 could allow a remote attacker to obtain sensitive information, caused by failure to offer a flag directly indicating the status of current document. By using a specially-crafted document to conduct a XML external entity (XXE) attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/119018](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119018>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2016-4493](<https://vulners.com/cve/CVE-2016-4493>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) is vulnerable to a denial of service, caused by a read access violation in demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty. An attacker could exploit this vulnerability using a specially crafted binary to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116387](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116387>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-13685](<https://vulners.com/cve/CVE-2017-13685>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in the dump_callback function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131204](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131204>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-20483](<https://vulners.com/cve/CVE-2018-20483>) \n** DESCRIPTION: **GNU Wget could allow a local authenticated attacker to obtain sensitive information, caused by the storing of the origin URL in the user.xdg.origin.url metadata in the set_file_metadata function in xattr.c. By reading the metadata attribute, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154793](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154793>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-30720](<https://vulners.com/cve/CVE-2021-30720>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to access restricted ports on arbitrary servers. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-8908](<https://vulners.com/cve/CVE-2020-8908>) \n** DESCRIPTION: **Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir(). By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2016-10707](<https://vulners.com/cve/CVE-2016-10707>) \n** DESCRIPTION: **jQuery is vulnerable to a denial of service, caused by removing a logic that lowercased attribute names. By using a mixed-cased name for boolean attributes, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138030](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138030>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-18074](<https://vulners.com/cve/CVE-2018-18074>) \n** DESCRIPTION: **The Requests package for Python could allow a remote attacker to obtain sensitive information, caused by sending information in an insecure manner. By sniffing the network, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151296](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151296>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-3721](<https://vulners.com/cve/CVE-2018-3721>) \n** DESCRIPTION: **Node.js lodash module could allow a remote attacker to bypass security restrictions, caused by a flaw in the defaultsDeep, 'merge, and mergeWith functions. By modifing the prototype of Object, an attacker could exploit this vulnerability to add or modify existing property that will exist on all objects. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144603](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144603>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-18874](<https://vulners.com/cve/CVE-2019-18874>) \n** DESCRIPTION: **psutil is vulnerable to a denial of service, caused by a double free. By using specially-crafted data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171612](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171612>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-14145](<https://vulners.com/cve/CVE-2020-14145>) \n** DESCRIPTION: **OpenSSH is vulnerable to a man-in-the-middle attack, caused by an observable discrepancy flaw. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-24025](<https://vulners.com/cve/CVE-2020-24025>) \n** DESCRIPTION: **node-sass could allow a remote attacker to bypass security restrictions, caused by the disablement of certificate validation when requesting binaries even if the user is not specifying an alternative download path. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-24370](<https://vulners.com/cve/CVE-2020-24370>) \n** DESCRIPTION: **Lua is vulnerable to a denial of service, caused by a negation overflow and segmentation fault in getlocal and setlocal. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186868](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186868>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-28168](<https://vulners.com/cve/CVE-2020-28168>) \n** DESCRIPTION: **Node.js axios module is vulnerable to server-side request forgery, caused by improper input validation. By providing a URL that responds with a redirect to a restricted host or IP address, an attacker could exploit this vulnerability to conduct SSRF attack to bypass a proxy. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191660](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191660>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-30641](<https://vulners.com/cve/CVE-2021-30641>) \n** DESCRIPTION: **Apache HTTP Server could provide weaker than expected security, caused by unexpected URL matching behavior with 'MergeSlashes OFF. An attacker could exploit this vulnerability to match URLs from all sites in the same domain and launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203459](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203459>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-31535](<https://vulners.com/cve/CVE-2021-31535>) \n** DESCRIPTION: **X.Org libX11 is vulnerable to a denial of service, caused by improper input validation by the length of the string parameters. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause emission of extra X protocol requests to the X server, and results in a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202043](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202043>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33503](<https://vulners.com/cve/CVE-2021-33503>) \n** DESCRIPTION: **urllib3 is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw due to catastrophic backtracking. By sending a specially-crafted URL request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203109](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203109>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33928](<https://vulners.com/cve/CVE-2021-33928>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the pool_installable in src/repo.h function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208702](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208702>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33929](<https://vulners.com/cve/CVE-2021-33929>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the pool_disabled_solvable in src/repo.h. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208665](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208665>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33930](<https://vulners.com/cve/CVE-2021-33930>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the pool_installable_whatprovides in src/repo.h function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208664](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208664>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33938](<https://vulners.com/cve/CVE-2021-33938>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the prune_to_recommended in src/policy.c function. An attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208663](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208663>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35556](<https://vulners.com/cve/CVE-2021-35556>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Swing component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211632](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211632>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35559](<https://vulners.com/cve/CVE-2021-35559>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Swing component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211635](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211635>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35561](<https://vulners.com/cve/CVE-2021-35561>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211637](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211637>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35564](<https://vulners.com/cve/CVE-2021-35564>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Keytool component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-35565](<https://vulners.com/cve/CVE-2021-35565>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211641](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211641>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35578](<https://vulners.com/cve/CVE-2021-35578>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211654](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211654>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35586](<https://vulners.com/cve/CVE-2021-35586>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the ImageIO component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211661](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211661>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-29362](<https://vulners.com/cve/CVE-2020-29362>) \n** DESCRIPTION: **p11-glue p11-kit could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read flaw in the RPC protocol. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain up to 4 bytes of memory past the heap allocation, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193533>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-6891](<https://vulners.com/cve/CVE-2017-6891>) \n** DESCRIPTION: **GnuTLS libtasn1 is vulnerable to a stack-based buffer overflow, caused by 2 errors in the asn1_find_node function in lib/parser_aux.c. By persuading a victim to open a specially-crafted assignments file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/127214](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127214>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4008](<https://vulners.com/cve/CVE-2016-4008>) \n** DESCRIPTION: **GNU Libtasn1 is vulnerable to a denial of service, caused by improper handling of the ASN1_DECODE_FLAG_STRICT_DER flag in _asn1_extract_der_octet function in lib/decoding.c. By using a malformed certificate, a remote attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/113127](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113127>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-8817](<https://vulners.com/cve/CVE-2017-8817>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds read flaw in the FTP wildcard matching function (CURLOPT_WILDCARDMATCH). By using a string that ends with an '[' character, an attacker could exploit this vulnerability to redirect the victim to an arbitrary site. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135658](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135658>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8625](<https://vulners.com/cve/CVE-2016-8625>) \n** DESCRIPTION: **cURL/libcurl could provide weaker than expected security, caused by the translation of International Domain Names (IDNA) to puny code for DNS resolving using the IDNA 2003 standard. An attacker could exploit this vulnerability to issue network transfer requests to the wrong host. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118644](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118644>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8624](<https://vulners.com/cve/CVE-2016-8624>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to bypass security restrictions, caused by the failure to parse the authority component of the URL when handling '#' character. By using a specially-crafted URL with '#' character, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118642](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118642>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8621](<https://vulners.com/cve/CVE-2016-8621>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to obtain sensitive information, caused by an out of bounds read error within the curl_getdate function. By using specially-crafted date strings, a remote attacker could exploit this vulnerability to execute arbitrary code in the context of the process and obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-8616](<https://vulners.com/cve/CVE-2016-8616>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to bypass security restrictions, caused by the use of case insensitive comparisons. By using valid credentials exists for a protocol which supports connection-scoped credentials, an attacker could exploit this vulnerability to cause a connection to be reused. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8615](<https://vulners.com/cve/CVE-2016-8615>) \n** DESCRIPTION: **cURL/libcurl is vulnerable to cookie injection, caused by an error related to fgets() function. By using a malicious server that sends a very long cookie name and value, a remote attacker could exploit this vulnerability to inject a malicious cookie for arbitrary domains. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118632](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118632>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-22924](<https://vulners.com/cve/CVE-2021-22924>) \n** DESCRIPTION: **An unspecified error with bad connection reused due to improper path name validation in cURL libcurl has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206047](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206047>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-0755](<https://vulners.com/cve/CVE-2016-0755>) \n** DESCRIPTION: **Libcurl could allow a remote attacker to bypass security restrictions, caused by the failure to check NTLM-authenticated proxy connections for reuse. An attacker could exploit this vulnerability to use a proxy connection for a different authenticated client username. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110290](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110290>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-13050](<https://vulners.com/cve/CVE-2019-13050>) \n** DESCRIPTION: **GNU Privacy Guard (GnuPG) is vulnerable to a denial of service, caused by a certificate spamming attack when referring to a host on the SKS keyserver network in the keyserver configuration. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166417](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166417>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-5276](<https://vulners.com/cve/CVE-2015-5276>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could provide weaker than expected security, caused by the failure to properly handle short reads from blocking sources by the std::random_device class in libstdc++. A remote attacker could exploit thsi vulnerability to predict random values. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/108548](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108548>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-19645](<https://vulners.com/cve/CVE-2019-19645>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by an infinite recursion flaw in alter.c. By sending a specially-crafted request using certain types of self-referential views in conjunction with ALTER TABLE statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172774](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172774>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19880](<https://vulners.com/cve/CVE-2019-19880>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by an invalid pointer dereference in exprListAppendList in window.c. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173387](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173387>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19924](<https://vulners.com/cve/CVE-2019-19924>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by the mishandling of certain parser-tree rewriting in the sqlite3WindowRewrite function in expr.c, vdbeaux.c, and window.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173495](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173495>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-8457](<https://vulners.com/cve/CVE-2019-8457>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-13631](<https://vulners.com/cve/CVE-2020-13631>) \n** DESCRIPTION: **SQLite could allow a remote attacker to bypass security restrictions, caused by a flaw in the alter.c and build.c. By sending a specially crafted request, an attacker could exploit this vulnerability to rename the virtual table to the name of one of its shadow tables. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182611](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182611>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2017-9233](<https://vulners.com/cve/CVE-2017-9233>) \n** DESCRIPTION: **libexpat is vulnerable to a denial of service, caused by a XML External Entity vulnerability in the parser. By using a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause an infinite loop. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129459](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129459>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-5300](<https://vulners.com/cve/CVE-2016-5300>) \n** DESCRIPTION: **Expat XML parser is vulnerable to a denial of service, caused by the failure to use sufficient entropy for hash initialization. By using specially-crafted identifiers in an XML document, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114435](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114435>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-4472](<https://vulners.com/cve/CVE-2016-4472>) \n** DESCRIPTION: **Expat XML parser is vulnerable to a denial of service, caused by the removal by compilers with certain optimization settings. By using a specially-crafted XML data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114683](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114683>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-2695](<https://vulners.com/cve/CVE-2015-2695>) \n** DESCRIPTION: **MIT Kerberos is vulnerable to a denial of service, caused by a pointer type error in the GSS-API library. By sending a specially crafted gss_inquire_context() call on a partially-established SPNEGO context, a remote attacker could exploit this vulnerability to cause the process to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107874](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107874>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-2696](<https://vulners.com/cve/CVE-2015-2696>) \n** DESCRIPTION: **MIT Kerberos is vulnerable to a denial of service, caused by a pointer type error in the GSS-API library. By sending a specially crafted gss_inquire_context() call on a partially-established IAKERB context, a remote attacker could exploit this vulnerability to cause the process to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19906](<https://vulners.com/cve/CVE-2019-19906>) \n** DESCRIPTION: **cyrus-sasl is vulnerable to a denial of service, caused by an off-by-one error in _sasl_add_string in common.c. By sending a malformed LDAP packet, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173382](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173382>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-1234](<https://vulners.com/cve/CVE-2016-1234>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by a stack-based buffer overflow within the glob implementation when GLOB_ALTDIRFUNC is used. A remote attacker could exploit this vulnerability using an overly long name to overflow a buffer and cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/111311](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111311>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-13956](<https://vulners.com/cve/CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-26154](<https://vulners.com/cve/CVE-2020-26154>) \n** DESCRIPTION: **libproxy is vulnerable to a buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially crafted PAC file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189418](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189418>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-13645](<https://vulners.com/cve/CVE-2020-13645>) \n** DESCRIPTION: **GNOME glib-networking is vulnerable to a man-in-the-middle attack, caused by missing hostname verification in the server TLS certificate in the implementation of GTlsClientConnection. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2018-16435](<https://vulners.com/cve/CVE-2018-16435>) \n** DESCRIPTION: **Little CMS is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the AllocateDataSet function in cmscgats.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149326](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149326>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2008-3105](<https://vulners.com/cve/CVE-2008-3105>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) is vulnerable to a denial of service, caused by an error in XML data processing. An attacker could exploit this vulnerability using the JAX-WS client or a service in a trusted application to cause a denial of service. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43657](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43657>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2021-22931](<https://vulners.com/cve/CVE-2021-22931>) \n** DESCRIPTION: **Node.js could provide weaker than expected security, caused by missing input validation on hostnames returned by DNS servers. An attacker could exploit this vulnerability to cause output of wrong hostnames leading to Domain Hijacking and and injection vulnerabilities in applications using the library. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207230](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207230>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-3672](<https://vulners.com/cve/CVE-2021-3672>) \n** DESCRIPTION: **The c-ares library could provide weaker than expected security, caused by missing input validation on hostnames returned by DNS servers. An attacker could exploit this vulnerability to cause the output of wrong hostnames leading to Domain Hijacking and and injection vulnerabilities in applications using the library. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207212](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207212>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-3153](<https://vulners.com/cve/CVE-2015-3153>) \n** DESCRIPTION: **cURL/libcURL could allow a remote attacker to obtain sensitive information, caused by custom HTTP headers with sensitive content being sent to the server and intermediate proxy by the CURLOPT_HTTPHEADER option. An attacker could exploit this vulnerability to obtain authentication cookies or other sensitive information. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/102989](<https://exchange.xforce.ibmcloud.com/vulnerabilities/102989>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2016-8617](<https://vulners.com/cve/CVE-2016-8617>) \n** DESCRIPTION: **cURL/libcurl could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an out of bounds write in the base64 encode function. By using a specially crafted username, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118636](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118636>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-3859](<https://vulners.com/cve/CVE-2019-3859>) \n** DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read in the _libssh2_packet_require and _libssh2_packet_requirev functions. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158343](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158343>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-3860](<https://vulners.com/cve/CVE-2019-3860>) \n** DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when parsing packets with empty payloads. By sending a specially crafted SFTP packet, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-13558](<https://vulners.com/cve/CVE-2020-13558>) \n** DESCRIPTION: **WebKitGTK and WPE WebKit could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the AudioSourceProviderGStreamer class. By persuading a victim to open specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196795](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196795>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1788](<https://vulners.com/cve/CVE-2021-1788>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebKit component. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195895](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195895>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1789](<https://vulners.com/cve/CVE-2021-1789>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to execute arbitrary code on the system, caused by a type confusion in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195893](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195893>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1844](<https://vulners.com/cve/CVE-2021-1844>) \n** DESCRIPTION: **Apple Safari, macOS Big Sur, iOS, iPadOS and watchOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw in the WebKit component. By persuading a victim to open a specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197853](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197853>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1870](<https://vulners.com/cve/CVE-2021-1870>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195638](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195638>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1871](<https://vulners.com/cve/CVE-2021-1871>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21779](<https://vulners.com/cve/CVE-2021-21779>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the WebKit componenet. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202343](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202343>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21806](<https://vulners.com/cve/CVE-2021-21806>) \n** DESCRIPTION: **WebKit WebKitGTK could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in fireEventListeners. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205101](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205101>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30663](<https://vulners.com/cve/CVE-2021-30663>) \n** DESCRIPTION: **Apple iOS, iPadOS and macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201120](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201120>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30665](<https://vulners.com/cve/CVE-2021-30665>) \n** DESCRIPTION: **Apple iOS, iPadOS, watchOS and macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201119](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201119>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30734](<https://vulners.com/cve/CVE-2021-30734>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by multiple memory corruption issues in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202348](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202348>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30749](<https://vulners.com/cve/CVE-2021-30749>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by multiple memory corruption issues in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202347](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202347>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30758](<https://vulners.com/cve/CVE-2021-30758>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by a type confusion in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206132](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206132>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30795](<https://vulners.com/cve/CVE-2021-30795>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by an error in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206134](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206134>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30797](<https://vulners.com/cve/CVE-2021-30797>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free
CVE-2021-30682
