Lucene search
+L

19 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.5 views

SUSE CVE-2020-13753

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONENEWUSER and the TIOCSTI ioctl. CLONENEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute comman...

6.3CVSS7.3AI score0.02917EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2022/01/26 12:0 a.m.75 views

SUSE SLES15: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2022:0183-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0183-1 advisory. - Update to version 2.34.3 bsc1194019. - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced Content Security Policy...

10CVSS6.8AI score0.13486EPSS
Exploits4References108
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2020:1992-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.4AI score0.77246EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2020:1990-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.77246EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2020:2069-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.77246EPSS
Exploits5References4
RedhatCVE
RedhatCVE
added 2020/09/16 3:0 p.m.39 views

CVE-2020-13753

A flaw was found in webkitgtk in versions prior to 2.28.3 and in WPE WebKit in versions prior to 2.28.3. The bubblewrap sandbox failed to properly block access to CLONENEWUSER and the TIOCSTI ioctl. CLONENEWUSER could potentially be used to confuse xdg- desktop-portal, which allows access outside...

7.5CVSS3.4AI score0.03169EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/07/30 12:0 a.m.74 views

SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2020:2069-1)

This update for webkit2gtk3 fixes the following issues : Update to version 2.28.3 bsc1173998 : + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. +...

10CVSS6.8AI score0.77246EPSS
Exploits5References18
Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.240 views

openSUSE Security Update : webkit2gtk3 (openSUSE-2020-1064)

This update for webkit2gtk3 fixes the following issues : - Update to version 2.28.3 bsc1173998 : + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player....

10CVSS6.8AI score0.77246EPSS
Exploits5References9
Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.53 views

GLSA-202007-11 : WebKitGTK+: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202007-11 WebKitGTK+: Multiple vulnerabilities Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for...

10CVSS6.8AI score0.77246EPSS
Exploits5References9
OpenVAS
OpenVAS
added 2020/07/27 12:0 a.m.35 views

openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2020:1064-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS8.8AI score0.77246EPSS
Exploits5References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/07/26 12:0 a.m.75 views

Security update for webkit2gtk3 (important)

openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2020:1064-1 Rating: important References: 1173998 Cross-References: CVE-2020-13753 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 Affected Products: openSUSE...

10CVSS8.4AI score0.77246EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2020/07/22 12:0 a.m.62 views

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:1990-1)

This update for webkit2gtk3 fixes the following issues : Update to version 2.28.3 bsc1173998 : + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. +...

10CVSS6.8AI score0.77246EPSS
Exploits5References18
Tenable Nessus
Tenable Nessus
added 2020/07/22 12:0 a.m.43 views

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:1992-1)

This update for webkit2gtk3 fixes the following issues : Update to version 2.28.3 bsc1173998 : + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. +...

10CVSS6.8AI score0.77246EPSS
Exploits5References18
NVD
NVD
added 2020/07/14 2:15 p.m.25 views

CVE-2020-13753

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONENEWUSER and the TIOCSTI ioctl. CLONENEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute comman...

10CVSS0.02917EPSS
Exploits0References7
OSV
OSV
added 2020/07/14 2:15 p.m.4 views

CVE-2020-13753

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONENEWUSER and the TIOCSTI ioctl. CLONENEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute comman...

10CVSS9.6AI score
Exploits0References7
CVE
CVE
added 2020/07/14 1:7 p.m.237 views

CVE-2020-13753

The CVE-2020-13753 entry concerns the bubblewrap sandbox used by WebKitGTK and WPE WebKit. Connected sources (e.g., Debian DSA-4724-1) confirm that before version 2.28.3 the bubblewrap sandbox failed to block CLONE_NEWUSER and the TIOCSTI ioctl, enabling sandbox escape: CLONE_NEWUSER could allow ...

10CVSS8.1AI score0.02917EPSS
Exploits0References7Affected Software2
Cvelist
Cvelist
added 2020/07/14 1:7 p.m.29 views

CVE-2020-13753

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONENEWUSER and the TIOCSTI ioctl. CLONENEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute comman...

9.6AI score0.02917EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2020/07/14 1:7 p.m.68 views

CVE-2020-13753

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONENEWUSER and the TIOCSTI ioctl. CLONENEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute comman...

10CVSS8.5AI score0.02917EPSS
Exploits0
ArchLinux
ArchLinux
added 2020/07/14 12:0 a.m.91 views

[ASA-202007-1] webkit2gtk: multiple issues

Arch Linux Security Advisory ASA-202007-1 ========================================= Severity: Critical Date : 2020-07-14 CVE-ID : CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-13753 Package : webkit2gtk Type : multiple issues Remote : Y...

10CVSS0.6AI score0.77246EPSS
Exploits5References18
Rows per page
Query Builder