Astra Linux – Vulnerability in Firefox

Memory safety bugs exist in Firefox 118. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 119...

Astra Linux – Vulnerability in gstreamer1.0, gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

Astra Linux – Vulnerability in Firefox and Thunderbird

When Responsive Design Mode was enabled, it used references to objects that had previously been freed. We assume that with sufficient effort, this could have been exploited to execute arbitrary code. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Astra Linux – Vulnerability in Firefox

When Web Render components were destroyed, a race condition could lead to undefined behavior. We assume that with sufficient effort, this vulnerability could be exploited to execute arbitrary code. This vulnerability affects Firefox versions earlier than 88.0.1, as well as Firefox for Android...

Astra Linux – Vulnerability in WebKit2GTK

Integer overflow has been addressed through improved input validation. This issue is fixed in iOS 14.5.1, iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, and macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in WebKit2GTK

Multiple memory corruption issues have been resolved through improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6, iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, and watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in WebKit2GTK

A memory corruption issue has been resolved through improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15, and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Monterey 12.3, iOS 15.4, iPadOS 15.4, tvOS 15.4, and Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code...

Astra Linux – Vulnerability in Firefox

Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs in Firefox 95. Some of these bugs exhibited signs of memory corruption, and we believe that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects...

Astra Linux – Vulnerability in htmldoc

A flaw was discovered in htmldoc commit 31f7804. A heap buffer overflow in the pdfwritenames function in ps-pdf.cxx may lead to arbitrary code execution and a Denial of Service DoS attack...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved bounds checks. This issue has been fixed in tvOS 15.6, watchOS 8.7, iOS 15.6, and iPadOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in Inkscape

Inkscape version 0.91 is vulnerable to a out-of-bounds write vulnerability, which may allow an attacker to arbitrarily execute code...

Astra Linux – Vulnerability in WebKit2GTK

A type confusion issue has been resolved through improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1, and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in WebKit2GTK

A memory corruption issue has been resolved through improved validation. This issue is fixed in iOS 15.6, iPadOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in Safari 16.4.1, iOS 15.7.5, and iPadOS 15.7.5; iOS 16.4.1, and iPadOS 16.4.1; as well as macOS Ventura 13.3.1. Processing maliciously crafted web...

Astra Linux – Vulnerability in WebKit2GTK

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6, and iPadOS 15.7.6, Safari 16.5, iOS 16.5, and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in WebKit2GTK

A memory corruption issue has been resolved through improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4, and iPadOS 16.4, as well as iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report...

Astra Linux – Vulnerability in WebKit2GTK

A logic issue has been resolved through improved restrictions. This issue is fixed in iOS 16.6, iPadOS 16.6, watchOS 9.6, tvOS 16.6, and macOS Ventura 13.5. Processing web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in exempi

The XMP Toolkit version 2020.1 and earlier versions is affected by a memory corruption vulnerability, which may lead to the execution of arbitrary code within the context of the current user. User interaction is required to exploit this vulnerability...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved checks. This issue has been fixed in tvOS 17, Safari 17, watchOS 10, iOS 17, and iPadOS 17, as well as macOS Sonoma 14. Processing web content may lead to arbitrary code execution...