Astra Linux – Vulnerability in WebKit2GTK

A vulnerable "use-after-free" vulnerability exists in the WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can exploit this vulnerability, leading to remote code execution. The victim must visit a malicious website to trigger the vulnerability...

Astra Linux – Vulnerability in WebKit2GTK

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889...

Astra Linux – Vulnerability in WebKit2GTK

In BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit, prior to version 2.34.1, there was a limited bypass of the sandbox mechanism. This allowed a sandboxed process to trick host processes into believing that the sandboxed process was not confined by the sandbox. This was achieved by exploiting...

Astra Linux – Vulnerability in WebKit2GTK

In WebKitGTK up to 2.36.0 and WPE WebKit, there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...

Astra Linux – Vulnerability in WebKit2GTK

A out-of-bounds write issue has been addressed through improved input validation. This issue is fixed in iOS 15.6, iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in WebKit2GTK

A use-after-free vulnerability exists in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before version 2.36.8. This vulnerability allows attackers to execute code remotely...

Astra Linux – Vulnerability in WebKit2GTK

A logic issue has been addressed through improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2, and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2, and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may allow bypass of the...

Astra Linux – Vulnerability in WebKit2GTK

A flaw was discovered in WebKitGTK. Processing malicious web content may cause an unexpected process crash due to improper memory handling...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2, and iPadOS 17.2, as well as macOS Sonoma 14.2. Processing web content may result in a denial-of-service...

Astra Linux – Vulnerability in WebKit2GTK

A flaw was discovered in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure, which can reveal any file that the user is allowed to read by exploiting the file drag-and-drop mechanism. WebKitGTK does not verify that drag operations originate from outside the browser...

Astra Linux – Vulnerability in WebKit2GTK

A use-after-free vulnerability exists in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before version 2.36.8, allowing attackers to execute code remotely...

Amazon Linux 2 : webkitgtk4, --advisory ALAS2-2026-3270 (ALAS-2026-3270)

The version of webkitgtk4 installed on the remote host is prior to 2.52.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3270 advisory. A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari...

RHEL 8 : webkit2gtk3 (RHSA-2026:11814)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11814 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...

webkitgtk: Processing maliciously crafted web content may disclose internal states of the app

A flaw was found in WebKitGTK. Processing malicious web content can cause a memory initialization issue due to improper memory handling and result in the disclosure of the internal states of the application...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper state management...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy

A flaw was found in WebKitGTK. Processing malicious web content can cause a cross-origin issue in the Navigation API due to improper input validation and result in a bypass of the same origin policy...