126 matches found
SUSE CVE-2025-66286
An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...
CVE-2025-66286
An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...
CVE-2025-66286
Technical details about CVE-2025-66286 are not publicly available in the provided documents. Monitor for updates from Red Hat, WebKitGTK, and WPE WebKit for affected products, versions, impact, and fixes.
webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
DEBIAN-CVE-2025-13502
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
CVE-2025-13502 Webkit: webkitgtk / wpe webkit: out-of-bounds read and integer underflow vulnerability leading to dos
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
CVE-2025-13502
A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash DoS via a crafted payload to the GLib remote inspector server...
Linux Distros Unpatched Vulnerability : CVE-2021-42762
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into...
webkitgtk: Memory corruption may lead to arbitrary code execution
A flaw was found in webkit gtk in versions prior to 2.28.3 and in WPE WebKit in versions prior to 2.28.3. A memory corruption issue could allow processing of maliciously crafted web content that could lead to arbitrary code execution. The highest threat from this vulnerability is to data...
webkitgtk: Use-after-free leading to arbitrary code execution
A use-after-free issue was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
webkitgtk: Use-after-free leading to arbitrary code execution
A use-after-free issue was found in WebKitGTK and WPE WebKit in versions prior to 2.32.0. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
webkitgtk: limited sandbox escape via VFS syscalls
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. The impact...
webkitgtk: heap-buffer-overflow in WebCore::TextureMapperLayer::setContentsLayer
REJECTED CVE In WebKitGTK through 2.36.0 and WPE WebKit, there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...
webkitgtk: Same Origin Policy bypass issue
A logic issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process unexpected cross-origin attacks...
Linux Distros Unpatched Vulnerability : CVE-2019-6251
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious...
webkitgtk: Processing web content may lead to arbitrary code execution
A vulnerability was found in WebKitGTK and WPE WebKit, which allows remote attacker to perform arbitrary code execution when processing web content. This vulnerability caused by insufficient checks, which could be exploited by attackers to execute malicious code on affected systems...
K000148511: WebKitGTK and WPE WebKit vulnerability CVE-2023-42950
Security Advisory Description A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution...
ROS-20240923-01
The vulnerability of WebKitGTK and WPE WebKit web page display modules is related to memory access after it is memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240918-03
A vulnerability in the WebCore::RenderLayer::renderer function of the WPE WebKit and WebKitGTK web page display modules is related to memory usage after it is freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute remote code Vulnerability in...
webkitgtk: Processing web content may lead to arbitrary code execution
A vulnerability in WebKitGTK and WPE WebKit could allow an attacker to execute arbitrary code on a target system. The issue arises from a use-after-free flaw in memory management when processing web content. This flaw can potentially give attackers the ability to take control of affected systems...