CVE-2023-50977

A flaw was found In gnome-shell. The GNOME Network Manager and GNOME Shell Portal Helper connectivity checks send DNS checks that, if intercepted, may be used to launch a GNOME Captive Portal in a WebKitGTK browser and load arbitrary HTML and Javascript code. Mitigation Mitigation for this issue ...

RHEL 8 : webkit2gtk3 (RHSA-2024:2982)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2982 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free in the...

webkitgtk: Processing web content may lead to arbitrary code execution

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in arbitrary code execution...

webkitgtk: Arbitrary Remote Code Execution

A flaw was found in WebKitGTK. Processing malicious web content may lead to remote code execution. This vulnerability is known to be actively exploited in the wild and was included in the CISA's KEV catalog...

webkitgtk: processing a malicious image may lead to a denial of service

A flaw was found in WebKitGTK. This issue exists due to a boundary error when processing a malicious image, which could result in a denial of service...

webkitgtk: Processing web content may lead to arbitrary code execution

A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory handling and result in arbitrary code execution...

webkitgtk: Processing web content may lead to arbitrary code execution

A vulnerability was found in WebKitGTK and WPE WebKit, which allows remote attacker to perform arbitrary code execution when processing web content. This vulnerability caused by insufficient checks, which could be exploited by attackers to execute malicious code on affected systems...

webkitgtk: Processing web content may lead to a denial of service

A vulnerability in WebKitGTK and WPE WebKit may result in a denial-of-service when processing web content. This issue arises from improper memory handling, which could be exploited by attackers to crash the affected systems...

webkitgtk: Processing web content may lead to arbitrary code execution

A vulnerability in WebKitGTK and WPE WebKit could allow an attacker to execute arbitrary code on a target system. The issue arises from a use-after-free flaw in memory management when processing web content. This flaw can potentially give attackers the ability to take control of affected systems...

webkitgtk: User password may be read aloud by a text-to-speech accessibility feature

A flaw was found in webkitgtk where a user’s password may be read aloud by a text-to-speech accessibility feature...

webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports

A use-after-free vulnerability was found in the WebKitGTK's MediaRecorder API that may lead to memory corruption and Remote Code Execution. The victim needs to access a malicious web page to trigger this vulnerability...

webkitgtk: processing malicious web content may lead to arbitrary code execution

A flaw was found in WebKitGTK. This issue exists due to a boundary error when processing malicious HTML content in WebKit, which could result in memory corruption and arbitrary code execution on the target system...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-42852 webkitgtk: Processing...

ALSA-2024:2982 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-42852 webkitgtk: Processing...

RHEL 6 : webkitgtk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution CVE-2021-30954...

RHEL 7 : webkitgtk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution CVE-2021-30954...

sushi bug fix update

An update is available for sushi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Sushi is a quick file previewer for Nautilus, the GNOME desktop file manager. I...

[SECURITY] Fedora 40 Update: webkit2gtk4.0-2.44.1-1.fc40

WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. This package contains WebKitGTK for GTK 3 and libsoup 2...

Oracle Linux 9 : webkit2gtk3 (ELSA-2024-2126)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2126 advisory. 2.42.5-1 - Update to 2.42.5 Resolves: RHEL-3960 2.42.4-1 - Update to 2.42.4 Resolves: RHEL-3960 Resolves: RHEL-19366 2.42.3-1 - Update to 2.42.3...