USN-5306-1 webkit2gtk vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

Ubuntu 20.04 LTS : WebKitGTK vulnerabilities (USN-5306-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5306-1 advisory. A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a...

CVE-2022-22620

A use-after-free vulnerability was found in WebKitGTK. The vulnerability occurs when processing HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a use-after-free error and leading to the execution of arbitrary cod...

[SECURITY] Fedora 35 Update: webkit2gtk3-2.34.6-1.fc35

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

[SECURITY] Fedora 35 Update: webkit2gtk3-2.34.5-1.fc35

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

CVE-2022-22592

A vulnerability was found in WebKitGTK. The flaw exists due to a logic issue when processing HTML content in WebKit. This flaw allows a remote attacker to create a specially crafted web page, trick the victim into visiting it, and prevent the Content Security Policy from being enforced, allowing...

CVE-2022-22589

A vulnerability was found in WebKitGTK. The vulnerability exists due to improper input validation in WebKit when processing email messages. This flaw allows a remote attacker to trick the victim into opening a specially crafted email message and execute arbitrary JavaScript code...

CVE-2022-22590

A use-after-free vulnerability was found in WebKitGTK. The vulnerability occurs when processing HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, trigger a use-after-free error and execute arbitrary code on the system...

The vulnerability of the API IndexDB component in the display modules of WebKitGTK and WPE WebKit allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the API IndexDB component in the rendering modules of WebKitGTK and WPE WebKit relates to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

AlmaLinux 8 : GNOME (ALSA-2019:3553)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3553 advisory. - It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical...

AlmaLinux 8 : GNOME (ALSA-2021:4381)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4381 advisory. - A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lea...

Rocky Linux 8 : GNOME (RLSA-2021:4381)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4381 advisory. - A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted...

The vulnerability of the web page rendering modules in WebKitGTK and WPE for Apple operating systems such as iPadOS, watchOS, iOS, tvOS, as well as in browsers like Safari, multimedia player iTunes, and iCloud service for Windows operating systems, allows a perpetrator to execute arbitrary code on the target system.

The vulnerability of the web page rendering modules in WebKitGTK and WPE for Apple’s iPadOS, watchOS, iOS, tvOS, Safari browser, multimedia player iTunes, and iCloud service for Windows operating systems is related to writing beyond the buffer limit in memory. Exploiting this vulnerability could...

GLSA-202202-01 : WebkitGTK+: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202202-01 WebkitGTK+: Multiple vulnerabilities - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave,...

WebkitGTK+: Multiple vulnerabilities

Background WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Description Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the CVE...

Ubuntu 20.04 LTS : WebKitGTK vulnerabilities (USN-5255-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5255-1 advisory. A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a...

Ubuntu: Security Advisory (USN-5255-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5255-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

USN-5255-1 webkit2gtk vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

PT-2022-4775 · Apple +8 · Macos Monterey +14

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.3 iPadOS versions prior to 15.3 watchOS versions prior to 8.4 tvOS versions prior to 15.3 Safari versions prior to 15.3 macOS Monterey versions prior to 12.2 Description: A use after free issue was addressed with...