WebKitGTK+ 资源管理错误漏洞

WebKitGTK+ is a full-featured port of the WebKit engine and contains all of WebKit's functionality. A resource management error vulnerability exists in WebKitGTK+, which stems from a use-after-the-fact error when processing web content in the WebKit Storage component. The following products and...

Apple WebKitGTK+ 缓冲区错误漏洞

WebKitGTK+ is a full-featured port of the WebKit engine and contains all of WebKit's features. A buffer error vulnerability exists in WebKitGTK+ that stems from a boundary error when processing web content in WebKit. The following products and versions are affected: WebKitGTK+: 2.30.0, 2.30.1,...

Ubuntu 18.04 LTS / 20.04 LTS : WebKitGTK vulnerabilities (USN-4894-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4894-1 advisory. A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a maliciou...

SUSE: Security Advisory (SUSE-SU-2015:0688-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the web page rendering module in the WebKitGTK browser of Apple’s Safari, as well as in Apple’s Mac OS, iOS, iPadOS, watchOS, and tvOS operating systems, allows attackers to execute arbitrary code.

The vulnerability of the web page rendering module in the WebKitGTK browser of Apple’s Safari, as well as in Apple’s Mac OS, iOS, iPadOS, watchOS, and tvOS operating systems, is related to the use of memory after it is freed during the processing of web content. Exploiting this vulnerability can...

Fedora: Security Advisory for webkit2gtk3 (FEDORA-2021-619711d709)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 32 Update: webkit2gtk3-2.30.6-1.fc32

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

[SECURITY] Fedora 33 Update: webkit2gtk3-2.32.0-1.fc33

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

Sandbox Escape

webkitgtk is vulnerable to sandbox escape. Maliciously crafted web content may violate iframe sandboxing policy...

CVE-2021-1871

A logic issue was found in WebKitGTK and WPE WebKit in versions prior to 2.32.0. A remote attacker may be able to cause arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVE-2021-1844

A memory corruption issue was found in WebKitGTK and WPE WebKit in versions prior to 2.32.0. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVE-2021-1788

A use-after-free issue was found in WebKitGTK and WPE WebKit in versions prior to 2.32.0. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVE-2021-1799

A port redirection issue was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. A malicious website may be able to access restricted ports on arbitrary servers. The highest threat from this vulnerability is to data integrity...

CVE-2021-1789

A type confusion vulnerability was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVE-2020-29623

A flaw was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. A user may be unable to fully delete the browsing history under some circumstances. The highest threat from this vulnerability is to data confidentiality...

CVE-2021-1765

A flaw was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. Maliciously crafted web content may violate the iframe sandboxing policy. The highest threat from this vulnerability is to data integrity...

CVE-2020-27918

A use-after-free issue was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

[SECURITY] Fedora 34 Update: webkit2gtk3-2.32.0-1.fc34

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...

Ubuntu 18.04 LTS / 20.04 LTS : WebKitGTK vulnerability (USN-4739-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4739-1 advisory. A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website...

WebKitGTK Denial of Service Vulnerability

WebKitGTK is KDE, Apple Apple, Google Google and other companies to develop a set of open source Web browser engine. WebKitGTK suffers from a denial of service vulnerability that allows triggering a denial of service and potentially running code...