Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:ALSA-2024:2126
HistoryApr 30, 2024 - 12:00 a.m.

Important: webkit2gtk3 security update

2024-04-3000:00:00
Google
osv.dev
2
webkitgtk
security fix
arbitrary code execution
denial of service
memory disclosure
text-to-speech
use-after-free
fingerprinting

8.2 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.6%

JSON

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

  • webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-40414)
  • webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852)
  • webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-23213)
  • webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents (CVE-2014-1745)
  • webkitgtk: User password may be read aloud by a text-to-speech accessibility feature (CVE-2023-32359)
  • webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports (CVE-2023-39928)
  • webkitgtk: Processing web content may lead to a denial of service (CVE-2023-41983)
  • webkitgtk: processing a malicious image may lead to a denial of service (CVE-2023-42883)
  • webkitgtk: processing malicious web content may lead to arbitrary code execution (CVE-2023-42890)
  • webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2024-23206)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References

Related

nessus 41
oraclelinux 1
redhat 1
almalinux 1
openvas 42
ubuntu 4
osv 9
gentoo 1
amazon 3
fedora 6
debian 6
prion 10
cve 10
redhatcve 10
debiancve 10
apple 16
ubuntucve 10
cvelist 10
thn 1
talos 1
mageia 1
threatpost 1
chrome 1
kaspersky 1
freebsd 1
securityvulns 1
nessus
nessus
Oracle Linux 9 : webkit2gtk3 (ELSA-2024-2126)
2024-05-06 00:00:00
RHEL 9 : webkit2gtk3 (RHSA-2024:2126)
2024-04-30 00:00:00
SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2024:0003-1)
2024-01-03 00:00:00
oraclelinux
oraclelinux
webkit2gtk3 security update
2024-05-02 00:00:00
redhat
redhat
(RHSA-2024:2126) Important: webkit2gtk3 security update
2024-04-30 06:14:49
almalinux
almalinux
Important: webkit2gtk3 security update
2024-04-30 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5527-1)
2023-10-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0548-1)
2024-02-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0545-1)
2024-02-21 00:00:00
ubuntu
ubuntu
WebKitGTK vulnerabilities
2023-11-20 00:00:00
WebKitGTK vulnerabilities
2024-02-12 00:00:00
WebKitGTK vulnerability
2024-01-15 00:00:00
osv
osv
webkit2gtk - security update
2023-11-17 00:00:00
webkit2gtk vulnerabilities
2023-11-20 15:59:27
webkit2gtk - security update
2023-10-12 00:00:00
gentoo
gentoo
WebKitGTK+: Multiple Vulnerabilities
2024-01-31 00:00:00
amazon
amazon
Important: webkitgtk4
2024-02-15 03:52:00
Important: webkitgtk4
2024-01-19 01:51:00
Important: webkitgtk4
2024-01-19 01:51:00
fedora
fedora
[SECURITY] Fedora 38 Update: webkitgtk-2.42.2-1.fc38
2023-11-26 03:05:33
[SECURITY] Fedora 39 Update: webkitgtk-2.42.2-1.fc39
2023-11-30 03:31:36
[SECURITY] Fedora 37 Update: webkitgtk-2.42.2-1.fc37
2023-11-15 02:02:03
debian
debian
[SECURITY] [DSA 5557-1] webkit2gtk security update
2023-11-17 00:22:40
[SECURITY] [DSA 5618-1] webkit2gtk security update
2024-02-08 23:24:14
[SECURITY] [DSA 5580-1] webkit2gtk security update
2023-12-18 21:43:38
prion
prion
Code injection
2024-01-23 01:15:00
Design/Logic Flaw
2024-01-23 01:15:00
Design/Logic Flaw
2023-10-25 19:15:00
cve
cve
CVE-2024-23213
2024-01-23 01:15:11
CVE-2023-41983
2023-10-25 19:15:10
CVE-2023-32359
2023-10-25 19:15:09
redhatcve
redhatcve
CVE-2024-23206
2024-03-15 22:37:45
CVE-2024-23213
2024-03-18 16:23:54
CVE-2023-42883
2023-12-13 11:30:53
debiancve
debiancve
CVE-2024-23206
2024-01-23 01:15:10
CVE-2023-41983
2023-10-25 19:15:10
CVE-2023-32359
2023-10-25 19:15:09
apple
apple
About the security content of Safari 17.2
2023-12-11 00:00:00
About the security content of Safari 17.3
2024-01-22 00:00:00
About the security content of Safari 17.1
2023-10-25 00:00:00
ubuntucve
ubuntucve
CVE-2024-23213
2024-01-23 00:00:00
CVE-2023-42883
2024-01-03 00:00:00
CVE-2023-40414
2024-01-10 00:00:00
cvelist
cvelist
CVE-2023-32359
2023-10-25 18:31:38
CVE-2024-23213
2024-01-23 00:25:24
CVE-2024-23206
2024-01-23 00:25:22
thn
thn
Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
2023-12-12 06:44:00
talos
talos
Webkit MediaRecorder API stopRecording use-after-free vulnerability
2023-10-06 00:00:00
mageia
mageia
Updated webkit2 packages fix security vulnerabilities
2024-04-26 09:47:12
threatpost
threatpost
Chrome 35 Fixes 23 Security Flaws
2014-05-20 14:11:21
chrome
chrome
Stable Channel Update
2014-05-20 00:00:00
kaspersky
kaspersky
KLA10007 Multiple vulnerabilities in Google Chrome
2014-05-20 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2014-05-20 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2939-1] chromium-browser security update
2014-06-09 00:00:00

8.2 High

AI Score

Confidence

Low

0.017 Low

EPSS

Percentile

87.6%

JSON
Related for OSV:ALSA-2024:2126
nessus41oraclelinux1redhat1almalinux1openvas42ubuntu4osv9gentoo1amazon3fedora6debian6prion10cve10redhatcve10debiancve10apple16ubuntucve10cvelist10thn1talos1mageia1threatpost1chrome1kaspersky1freebsd1securityvulns1