Debian: Security Advisory (DSA-5397-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5397-1] wpewebkit security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5397-1 [email protected] https://www.debian.org/security/ Alberto Garcia May 03, 2023 https://www.debian.org/security/faq -...

[SECURITY] [DSA 5396-1] webkit2gtk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5396-1 [email protected] https://www.debian.org/security/ Alberto Garcia May 03, 2023 https://www.debian.org/security/faq -...

Fedora 37 : webkitgtk (2023-a4bbf02a57)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a4bbf02a57 advisory. The Bubblewrap sandbox no longer requires setting an application identifier via GApplication to operate correctly. Using GApplication is still...

SUSE-SU-2023:2077-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.38.6 bsc1210731: - CVE-2022-0108: Fixed information leak. - CVE-2022-32885: Fixed arbitrary code execution. - CVE-2023-25358: Fixed use-after-free vulnerability in WebCore::RenderLayer. - CVE-2023-27932: Fixed Same Origin...

SUSE-SU-2023:2056-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.38.6 bsc1210731: - CVE-2022-0108: Fixed information leak. - CVE-2022-32885: Fixed arbitrary code execution. - CVE-2023-25358: Fixed use-after-free vulnerability in WebCore::RenderLayer. - CVE-2023-27932: Fixed Same Origin...

SUSE CVE-2023-27932

This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy...

CVE-2023-27932

This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy...

UBUNTU-CVE-2023-27932

This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web content may bypass Same Origin Policy...

Apple tvOS 安全漏洞

Apple tvOS is an operating system for smart TVs from Apple. A security vulnerability exists in Apple tvOS that stems from the handling of maliciously crafted web content that may bypass the same-origin policy...

About the security content of Safari 16.4

About the security content of Safari 16.4 This document describes the security content of Safari 16.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Google Chrome Navigation component code issue vulnerability

Google Chrome is a web browser from Google, an American company. A code issue vulnerability exists in versions prior to Google Chrome 111.0.5563.64, which stems from a weak policy enforcement issue in the Navigation component. A remote attacker can exploit the vulnerability to bypass the...

Same-Origin Policy Bypass

chromium is vulnerable to Same-Origin Policy Bypass. Insufficient policy enforcement in DevTools allows an attacker to bypass same origin policy and proxy settings via a crafted HTML page...

SUSE CVE-2023-1225

Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 111.0.5563.64 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

Debian: Security Advisory (DLA-558-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-752-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1751-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-1225

Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 111.0.5563.64 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-1225

Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 111.0.5563.64 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2023-1225

Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 111.0.5563.64 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...