TencentOS Server 3: webkit2gtk3 (TSSA-2023:0080)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0080 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

webkit2gtk3 security and bug fix update

2.40.5-1 - Upgrade to 2.40.5. Also, disable JIT Resolves: 2176269 Resolves: 2185742 Resolves: 2209728 Resolves: 2209745 Resolves: 2218649 Resolves: 2218651 Resolves: 2224611 2.38.5-1.4 - Add patch for CVE-2023-28204 Resolves: 2209744 - Add patch for CVE-2023-32373 Resolves: 2209727 2.38.5-1.3 -...

SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2023:3300-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3300-1 advisory. - The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, mac...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : webkit2gtk3 (SUSE-SU-2023:2647-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2647-1 advisory. - An out-of-bounds read was addressed with improved input validation. This issue is fixed in...

CVE-2023-28204

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that th...

CVE-2023-28204

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that th...

CVE-2023-28204

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that th...

CVE-2023-28204

An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that th...

CVE-2023-28204

CVE-2023-28204 is an out-of-bounds read in WebKit caused by improper input handling while processing web content. It affects WebKit-based components and was fixed in multiple vendor advisories: Apple updates (watchOS/macOS/iOS/iPadOS/Safari) and WebKitGTK/WPE WebKit packages (e.g., webkitgtk4 2.3...

SUSE SLES15 / openSUSE 15 Security Update : webkit2gtk3 (SUSE-SU-2023:2607-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2607-1 advisory. - An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, iOS 15.7.6...

SUSE: Security Advisory (SUSE-SU-2023:2607-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:2606-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2023-0197)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5427-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5427-1] webkit2gtk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5427-1 [email protected] https://www.debian.org/security/ Alberto Garcia June 15, 2023 https://www.debian.org/security/faq -...

Debian DSA-5427-1 : webkit2gtk - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5427 advisory. - An out-of-bounds read was addressed with improved input validation. CVE-2023-28204 - A use-after-free issue was addressed with improved memory management...

RLSA-2023:3432 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: a use-after-free when processing maliciously crafted web content CVE-2023-32373 webkitgtk: an out-of-bounds read when processing malicious content CVE-2023-28204 For more details abou...

webkit2gtk3 security update

2.38.5-1.4 - Add patch for CVE-2023-28204 Resolves: 2209744 - Add patch for CVE-2023-32373 Resolves: 2209727...

webkit2gtk3 security update

2.38.5-1.2 - Add patch for CVE-2023-28204 Resolves: 2209747 - Add patch for CVE-2023-32373 Resolves: 2209730...

RHEL 8 : webkit2gtk3 (RHSA-2023:3433)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3433 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: a use-after-free when...