webkitgtk: out-of-bounds write issue was addressed with improved bounds checking

A vulnerability was found in webkitgtk, where an out-of-bounds read was addressed with improved bounds checking. Processing maliciously crafted web content may lead to arbitrary code execution...

webkitgtk: sensitive information disclosure issue

A vulnerability was found in webkitgtk, where a type confusion issue was addressed with improved memory handling. By this security flaw processing maliciously crafted web content may lead to arbitrary code execution...

webkitgtk: memory corruption issue leading to arbitrary code execution

A flaw was found in webkitgtk. Improper input validation leads to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or perform arbitrary code execution...

webkitgtk: memory corruption issue leading to arbitrary code execution

A vulnerability was found in WebKitGTK. This issue occurs when processing maliciously crafted web content in WebKit. This may allow a remote attacker to create a specially crafted web page, trick the victim into opening it, trigger memory corruption, and execute arbitrary code on the target syste...

webkitgtk: Same Origin Policy bypass issue

A logic issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process unexpected cross-origin attacks...

webkitgtk: improper bounds checking leading to arbitrary code execution

A vulnerability was found in webkitgtk. This issue occurs when processing web content, which may lead to arbitrary code execution...

webkitgtk: use-after-free issue leading to arbitrary code execution

A flaw was found in webkitgtk. Improper input validation leads to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or perform arbitrary code execution...

webkitgtk: use-after-free issue leading to arbitrary code execution

A vulnerability was found in WebKitGTK. This issue exists due to a use-after-free error when processing maliciously crafted web content in WebKit. This may allow an attacker to trick the victim to visit a specially crafted website, causing an application to halt, crash, or perform arbitrary code...

webkitgtk: heap-use-after-free in WebCore::RenderLayer::addChild()

A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely...

webkitgtk: type confusion issue leading to arbitrary code execution

A vulnerability was found in webkitgtk, where a logic issue was addressed with improved state management. Processing maliciously crafted web content may disclose sensitive user information...

webkitgtk: memory corruption issue leading to arbitrary code execution

A flaw was found in webkitgtk. Improper input validation leads to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or perform arbitrary code execution...

webkitgtk: memory corruption issue leading to arbitrary code execution

A flaw was found in webkitgtk. Improper input validation leads to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or perform arbitrary code execution...

ALSA-2023:3108 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: WebKitGTK: Regression of CVE-2023-28205 fixes in the AlmaLinux CVE-2023-2203 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

ALSA-2023:2834 Important: webkit2gtk3 security and bug fix update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free issue leading to arbitrary code execution CVE-2022-42826 webkitgtk: memory corruption issue leading to arbitrary code execution CVE-2023-23517 webkitgtk: memory...

RHEL 8 : webkit2gtk3 (RHSA-2023:2834)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2834 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free issue leadi...

Important: webkit2gtk3 security and bug fix update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: use-after-free issue leading to arbitrary code execution CVE-2022-42826 webkitgtk: memory corruption issue leading to arbitrary code execution CVE-2023-23517 webkitgtk: memory...

AlmaLinux 9 : webkit2gtk3 (ALSA-2023:2653)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2653 advisory. - A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

webkitgtk: Regression of CVE-2023-28205 fixes in the Red Hat Enterprise Linux

A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of...

webkitgtk: issue was addressed with improved UI handling

A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing...