Lucene search
K

8 matches found

AlmaLinux
AlmaLinux
added 2025/12/08 12:0 a.m.7 views

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS CVE-2025-13502 webkitgtk: Processing maliciously crafted web content may lead to memory...

8.8CVSS6.4AI score0.03901EPSS
Exploits1References38
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2019-11070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video HLS, DASH, or Smooth...

5.3CVSS6.6AI score0.03232EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2021/10/22 4:44 p.m.58 views

CVE-2021-42762

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact...

8.8CVSS1.9AI score0.00501EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2021/10/20 6:15 p.m.28 views

CVE-2021-42762

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact...

5.3CVSS1.9AI score0.00501EPSS
Exploits1
ArchLinux
ArchLinux
added 2021/07/27 12:0 a.m.265 views

[ASA-202107-67] webkit2gtk: multiple issues

Arch Linux Security Advisory ASA-202107-67 ========================================== Severity: High Date : 2021-07-27 CVE-ID : CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749 CVE-2021-30795 CVE-2021-30797...

9.3CVSS0.7AI score0.03471EPSS
Exploits5References27
OSV
OSV
added 2020/07/14 2:15 p.m.3 views

CVE-2020-13753

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONENEWUSER and the TIOCSTI ioctl. CLONENEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute comman...

10CVSS9.6AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2020/03/02 11:15 p.m.37 views

CVE-2020-10018

WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 which are the versions right before 2.28.0 contains a memory corruption issue use-after-free that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling...

9.8CVSS7AI score0.05028EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/06/14 12:0 a.m.28 views

CVE-2018-12293

The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which...

8.8CVSS7.4AI score0.10525EPSS
Exploits4References3
Rows per page
Query Builder