webkitgtk: Type confusion leading to arbitrary code execution

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution...

webkitgtk: Memory corruption may lead to arbitrary code execution

A flaw was found in webkitgtk in versions prior to 2.28.3 and in WPE WebKit in versions prior to 2.28.3. A memory corruption issue could allow processing maliciously crafted web content leading to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and...

webkitgtk: Multiple memory corruption issues leading to arbitrary code execution

A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues...

webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution

An out-of-bounds read flaw was found in webkitgtk that affected WebKitGTK versions before 2.28.4 and WPE WebKit versions before 2.28.4. This flaw allows a remote attacker to cause unexpected application termination or arbitrary code execution. The highest threat from this vulnerability is to...

webkitgtk: Incorrect processing of file URLs

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed...

webkitgtk: use-after-free via crafted web content

A use-after-free flaw exists in WebKitGTK. This flaw allows remote attackers to execute arbitrary code or cause a denial of service...

webkitgtk: Use-after-free may lead to application termination or arbitrary code execution

A use-after-free issue was found in webkitgtk that affected WebKitGTK versions before 2.28.4 and WPE WebKit versions before 2.28.4. This flaw allows a remote attacker to cause unexpected application termination or arbitrary code execution. The highest threat from this vulnerability is to...

webkitgtk: Websites could reveal browsing history

An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history...

webkitgtk: Multiple memory corruption issues leading to arbitrary code execution

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to...

webkitgtk: Denial of service via incorrect memory handling

A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service...

webkitgtk: Multiple memory corruption issues leading to arbitrary code execution

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution...

RHEL 8 : GNOME (RHSA-2020:4451)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4451 advisory. GNOME is the default desktop environment of Red Hat Enterprise Linux. The following packages have been upgraded to a later upstream version:...

ALSA-2020:4451 Moderate: GNOME security, bug fix, and enhancement update

GNOME is the default desktop environment of AlmaLinux. The following packages have been upgraded to a later upstream version: gnome-remote-desktop 0.1.8, pipewire 0.3.6, vte291 0.52.4, webkit2gtk3 2.28.4, xdg-desktop-portal 1.6.0, xdg-desktop-portal-gtk 1.6.0. BZ1775345, BZ1779691, BZ1817143,...

RLSA-2020:4451 Moderate: GNOME security, bug fix, and enhancement update

GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gnome-remote-desktop 0.1.8, pipewire 0.3.6, vte291 0.52.4, webkit2gtk3 2.28.4, xdg-desktop-portal 1.6.0, xdg-desktop-portal-gtk 1.6.0. BZ1775345, BZ1779691, BZ1817143,...

Moderate: GNOME security, bug fix, and enhancement update

GNOME is the default desktop environment of AlmaLinux. The following packages have been upgraded to a later upstream version: gnome-remote-desktop 0.1.8, pipewire 0.3.6, vte291 0.52.4, webkit2gtk3 2.28.4, xdg-desktop-portal 1.6.0, xdg-desktop-portal-gtk 1.6.0. BZ1775345, BZ1779691, BZ1817143,...

webkitgtk4 security update

CentOS Errata and Security Advisory CESA-2020:4035 An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

Cross-site Scripting (XSS)

WebKitGTK+ is vulnerable to cross-site scripting XSS. Processing maliciously crafted web content may lead to a cross site scripting attack...

Arbitrary Code Execution

WebKitGTK+ is vulnerable to arbitrary code execution. Processing maliciously crafted web content may lead to arbitrary code execution...

Arbitrary Code Execution

webkitgtk is vulnerable to arbitrary code execution.Attacker execute the maliciously crafted web content,Its leads to arbitrary code execution...

Arbitrary Code Execution

webkitgtk is vulnerable to arbitrary code execution.The attacker execute the maliciously crafted web content to create multiple memory corruption issue lead to arbitrary code execution...