12 matches found
Fedora: Security Advisory (FEDORA-2024-a1246372a4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1270-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1293-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1269-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : webkitgtk (2024-7ee03010c5)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-7ee03010c5 advisory. Update to 2.44.0 CVE-2024-23263, CVE-2024-23280, CVE-2024-23284 Tenable has extracted the preceding description block directly from the Fedora...
Amazon Linux 2 : webkitgtk4 (ALAS-2024-2516)
The version of webkitgtk4 installed on the remote host is prior to 2.42.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2516 advisory. The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2,...
SUSE SLED12: libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc (SUSE-SU-2024:1293-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1293-1 advisory. webkit2gtk3 was updated to fix the following issues: Update to version 2.44.0 boo1222010: - CVE-2024-23252:...
SUSE SLED15: WebKitGTK-4.0-lang / WebKitGTK-4.1-lang / WebKitGTK-6.0-lang / etc (SUSE-SU-2024:1270-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1270-1 advisory. - CVE-2024-23252: Fixed denial of service via crafted web content bsc1222010. - CVE-2024-23254:...
Fedora 38 : webkitgtk (2024-f1ae7b7ac5)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f1ae7b7ac5 advisory. Upgrade to 2.44.0: Make the DOM accessibility tree reachable from UI process with GTK4. Removed the X11 and WPE renderers in favor of DMA-BUF...
Fedora 39 : webkitgtk (2024-ee43b83290)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ee43b83290 advisory. Upgrade to 2.44.0: Make the DOM accessibility tree reachable from UI process with GTK4. Removed the X11 and WPE renderers in favor of DMA-BUF...
CVE-2024-23284
A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from bei...
CVE-2024-23284
CVE-2024-23284 concerns a logic issue in WebKitGTK/WebKit rendering where processing maliciously crafted web content may prevent Content Security Policy (CSP) from being enforced. The connected sources show the same vulnerability across multiple distributions (e.g., Debian webkit2gtk advisories a...