230 matches found
Important: webkitgtk4
Issue Overview: The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service. CVE-2023-42883 The issue was addresse...
Important: webkitgtk4
Issue Overview: Impact: Visiting a website that frames malicious content may lead to UI spoofing. Description: The issue was addressed with improved UI handling. CVE-2022-32919 A website may be able to track the websites a user visited in Safari private browsing mode. CVE-2022-32933 A spoofing...
Amazon Linux 2 : webkitgtk4 (ALAS-2023-2270)
The version of webkitgtk4 installed on the remote host is prior to 2.40.5-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2270 advisory. A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4,...
Amazon Linux 2 : webkitgtk4 (ALAS-2023-2177)
The version of webkitgtk4 installed on the remote host is prior to 2.38.5-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2177 advisory. A vulnerability was found in webkitgtk. This issue occurs when processing web content, which may lead to arbitrary code...
Important: webkitgtk4
Issue Overview: A vulnerability was found in webkitgtk. This issue occurs when processing web content, which may lead to arbitrary code execution. CVE-2023-37450 Affected Packages: webkitgtk4 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...
Amazon Linux 2 : webkitgtk4 (ALAS-2023-2141)
The version of webkitgtk4 installed on the remote host is prior to 2.38.5-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2141 advisory. Processing web content may lead to arbitrary code execution NOTE:...
Important: webkitgtk4
Issue Overview: Processing web content may lead to arbitrary code execution NOTE: https://webkitgtk.org/security/WSA-2023-0005.html ADVISORIES: 'DSA-5241-1', 'DSA-5240-1' CVE-2022-48503 A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS...
Amazon Linux 2 : webkitgtk4 (ALAS-2023-2088)
The version of webkitgtk4 installed on the remote host is prior to 2.38.5-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2088 advisory. 2024-08-28: CVE-2022-22620 was added to this advisory. 2024-08-14: CVE-2022-32893 was added to this advisory. A logic...
Important: webkitgtk4
Issue Overview: A logic issue was addressed with improved state management. CVE-2020-22592 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2,...
Amazon Linux 2 : webkitgtk4 (ALAS-2023-1960)
The version of webkitgtk4 installed on the remote host is prior to 2.28.2-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1960 advisory. A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS...
Important: webkitgtk4
Issue Overview: A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-42823 Affected...
Amazon Linux 2 : webkitgtk4 (ALAS-2022-1747)
The version of webkitgtk4 installed on the remote host is prior to 2.28.2-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1747 advisory. A flaw was found in webkitgtk. This flaw could allow an attacker to use maliciously crafted web content leading to arbitrary co...
Medium: webkitgtk4
Issue Overview: A flaw was found in webkitgtk. This flaw could allow an attacker to use maliciously crafted web content leading to arbitrary code execution. CVE-2021-30858 Affected Packages: webkitgtk4 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section...
Scientific Linux Security Update : webkitgtk4 on SL7.x i686/x86_64 (2022:0059)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:0059-1 advisory. - webkitgtk: Use-after-free leading to arbitrary code execution CVE-2021-30858 Note that Nessus has not tested for this issue but has instead relied only ...
webkitgtk4 security update
2.28.2-3 - Fix CVE-2021-30858 - Resolves: 2006421...
Oracle Linux 7 : webkitgtk4 (ELSA-2022-0059)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-0059 advisory. - Fix CVE-2021-30858 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...
RHEL 7 : webkitgtk4 (RHSA-2022:0059)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0059 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Use-after-free leading to arbitrary...
Moderate: Red Hat Security Advisory: webkitgtk4 security update
An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
NewStart CGSL CORE 5.05 / MAIN 5.05 : webkitgtk4 Multiple Vulnerabilities (NS-SA-2021-0166)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has webkitgtk4 packages installed that are affected by multiple vulnerabilities: - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video HLS,...
Remote Code Execution (RCE)
webkitgtk4 is vulnerable to remote code execution. The vulnerability exists due to a memory corruption issue...