Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: chromium-browser: Use after free in ANGLE CVE-2024-4558 webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-40789 webkitgtk:...

Fedora 41 : webkitgtk (2024-4e0b4ce6ad)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4e0b4ce6ad advisory. Update to WebKitGTK 2.46.3: Flatten layers to a plane when preseve-3d style is set. Fix DuckDuckGo links by adding a user agent quirk. Fix several...

ALSA-2024:9636 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: chromium-browser: Use after free in ANGLE CVE-2024-4558 webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-40789 webkitgtk:...

Fedora 41 : webkitgtk (2024-b142cc07d0)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b142cc07d0 advisory. Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent fi...

Fedora 37 : webkitgtk (2022-6bc49e9e54)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6bc49e9e54 advisory. Update to 2.38.3: Fix runtime critical warnings from media player. Fix network process crash when fetching website data on ephemeral session. Fix th...

Fedora 37 : webkitgtk (2022-08fdc4138a)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-08fdc4138a advisory. Fix scrolling issues in some sites having fixed background. Fix prolonged buffering during progressive live playback. Fix several crashes and...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the disclosure of information, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the disclosure of information. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and even cause service failures through the use of a...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the escape of operations beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...

The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to bypassing authentication through spoofing, allows attackers to access sensitive data, compromise its integrity, and cause service failures.

The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to the bypassing of authentication processes through spoofing techniques. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and cause service...

webkit: Processing maliciously crafted web content may lead to memory corruption

A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling...

webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash

A vulnerability was found in WebKitGTK, where processing maliciously crafted web content may lead to the program crashing. Code execution is not discarded as a consequence...

webkitgtk: Processing a file may lead to unexpected app termination or arbitrary code execution

A flaw was found in WebKitGTK. Processing malicious web content can cause unexpected app termination or arbitrary code execution due to improper checks...

webkitgtk: Visiting a malicious website may lead to address bar spoofing

A flaw was found in WebKit. This flaw allows a remote attacker to conduct spoofing attacks by exploiting an inconsistent user interface issue. The attacker could perform address bar spoofing by tricking a victim into visiting a specially crafted website...

webkitgtk: A malicious website may exfiltrate data cross-origin

A flaw was found in WebKitGTK. A malicious website may exfiltrate data cross-origin due to improper checks...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash

A vulnerability was found in WebKitGTK, where processing maliciously crafted web content may lead to program to a crash. This issue occurs because code execution is not discarded as consequence...

webkitgtk: webkit2gtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

A flaw was found in WebKitGTK. Processing maliciously crafted web content may prevent the Content Security Policy from being enforced. This issue leads to items that were banned from running to be executed...

ALSA-2024:9553 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Visiting a malicious website may lead to address bar spoofing CVE-2024-40866 webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2024-44187 webkitgtk: webkit2gtk:...

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Visiting a malicious website may lead to address bar spoofing CVE-2024-40866 webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2024-44187 webkitgtk: webkit2gtk:...

K000148511: WebKitGTK and WPE WebKit vulnerability CVE-2023-42950

Security Advisory Description A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution...