Lucene search
Fedora 32 : webkit2gtk3 (2020-e8a7566e80)
🗓️ 03 Dec 2020 00:00:00Reported by This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.Type 
nessus🔗 www.tenable.com👁 40 Views
Update to WebKitGTK 2.30.3: Fixes backdrop filters, scrolling, drag and drop, Outlook user agent, rendering issues & security vulnerabilities CVE-2020-9983, CVE-2020-1358
Show more
| Reporter | Title | Published | Views | Family All 86 |
|---|---|---|---|---|
 | [SECURITY] Fedora 33 Update: webkit2gtk3-2.30.3-1.fc33 | 29 Nov 202001:27 | – | fedora |
| [SECURITY] Fedora 32 Update: webkit2gtk3-2.30.3-1.fc32 | 4 Dec 202000:30 | – | fedora |
| Fedora 33 : webkit2gtk3 (2020-145877bcd3) | 30 Nov 202000:00 | – | nessus |
| Debian DSA-4797-1 : webkit2gtk - security update | 25 Nov 202000:00 | – | nessus |
| Oracle Linux 8 : GNOME (ELSA-2021-1586) | 26 May 202100:00 | – | nessus |
| GLSA-202012-10 : WebkitGTK+: Multiple vulnerabilities | 24 Dec 202000:00 | – | nessus |
| CentOS 8 : GNOME (CESA-2021:1586) | 19 May 202100:00 | – | nessus |
| openSUSE Security Update : webkit2gtk3 (openSUSE-2020-2304) | 25 Jan 202100:00 | – | nessus |
| SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:3867-1) | 18 Dec 202000:00 | – | nessus |
| NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2022-0048) | 9 May 202200:00 | – | nessus |
10
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2020-e8a7566e80.
#
include('compat.inc');
if (description)
{
script_id(143453);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/07");
script_cve_id("CVE-2020-13584", "CVE-2020-9983");
script_xref(name:"FEDORA", value:"2020-e8a7566e80");
script_name(english:"Fedora 32 : webkit2gtk3 (2020-e8a7566e80)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing a security update.");
script_set_attribute(attribute:"description", value:
"Update to WebKitGTK 2.30.3 :
- Fix backdrop filters with rounded borders.
- Fix scrolling iframes when async scrolling is enabled.
- Allow applications to handle drag and drop on the web
view again.
- Update Outlook user agent quirk.
- Fix several crashes and rendering issues.
- Security fixes: CVE-2020-9983, CVE-2020-13584
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2020-e8a7566e80");
script_set_attribute(attribute:"solution", value:
"Update the affected webkit2gtk3 package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-9983");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/10/16");
script_set_attribute(attribute:"patch_publication_date", value:"2020/12/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/12/03");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:webkit2gtk3");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:32");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^32([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 32", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC32", reference:"webkit2gtk3-2.30.3-1.fc32")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "webkit2gtk3");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo03 Dec 2020 00:00Current
8.5High risk
Vulners AI Score8.5
CVSS26.8
CVSS38.8
EPSS0.04176