Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2019:0108-1
HistoryJan 31, 2019 - 12:00 a.m.

Security update for webkit2gtk3 (important)

2019-01-3100:00:00
lists.opensuse.org
150

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.936 High

EPSS

Percentile

98.9%

JSON

An update that fixes 6 vulnerabilities is now available.

Description:

This update for webkit2gtk3 to version 2.22.5 fixes the following issues:

Security issues fixed:

  • CVE-2018-4438: Fixed a logic issue which lead to memory corruption
    (bsc#1119554)
  • CVE-2018-4437, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443,
    CVE-2018-4464: Fixed multiple memory corruption issues with improved
    memory handling (bsc#1119553, bsc#1119555, bsc#1119556, bsc#1119557,
    bsc#1119558)

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 42.3:

    zypper in -t patch openSUSE-2019-108=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap42.3i586< - openSUSE Leap 42.3 (i586 x86_64):- openSUSE Leap 42.3 (i586 x86_64):.i586.rpm
openSUSE Leap42.3x86_64< - openSUSE Leap 42.3 (i586 x86_64):- openSUSE Leap 42.3 (i586 x86_64):.x86_64.rpm
openSUSE Leap42.3noarch< - openSUSE Leap 42.3 (noarch):- openSUSE Leap 42.3 (noarch):.noarch.rpm
openSUSE Leap42.3x86_64< - openSUSE Leap 42.3 (x86_64):- openSUSE Leap 42.3 (x86_64):.x86_64.rpm

Related

nessus 13
openvas 11
apple 12
kaspersky 1
suse 2
prion 6
debiancve 6
packetstorm 4
cve 6
osv 6
ubuntucve 6
checkpoint_advisories 4
zdt 5
fedora 2
archlinux 1
alpinelinux 1
ubuntu 1
exploitpack 1
exploitdb 1
ibm 1
googleprojectzero 1
myhack58 1
nessus
nessus
Apple Safari < 12.0.2 Multiple Vulnerabilities
2019-04-08 00:00:00
openSUSE Security Update : webkit2gtk3 (openSUSE-2019-108)
2019-02-01 00:00:00
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:0146-1)
2019-01-24 00:00:00
openvas
openvas
openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:0108-1)
2019-02-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0146-1)
2021-04-19 00:00:00
Apple iTunes Security Updates (HT209345)
2018-12-06 00:00:00
apple
apple
About the security content of iCloud for Windows 7.9
2018-12-05 00:00:00
About the security content of iCloud for Windows 7.9 - Apple Support
2019-01-23 09:35:36
About the security content of iTunes 12.9.2 for Windows - Apple Support
2019-09-17 10:32:25
kaspersky
kaspersky
KLA11384 Multiple vulnerabilities in Apple iTunes
2018-12-12 00:00:00
suse
suse
Security update for webkit2gtk3 (moderate)
2019-03-08 00:00:00
Security update for webkit2gtk3 (important)
2019-01-23 00:00:00
prion
prion
Memory corruption
2019-04-03 18:29:00
Memory corruption
2019-04-03 18:29:00
Memory corruption
2019-04-03 18:29:00
debiancve
debiancve
CVE-2018-4443
2019-04-03 18:29:00
CVE-2018-4442
2019-04-03 18:29:00
CVE-2018-4437
2019-04-03 18:29:00
packetstorm
packetstorm
WebKit JSC AbstractValue::set Use-After-Free
2018-12-27 00:00:00
WebKit JSC JIT Use-After-Free
2019-01-16 00:00:00
WebKit JSC JSArray::shiftCountWithArrayStorage Out-Of-Band Read / Write
2018-12-27 00:00:00
cve
cve
CVE-2018-4442
2019-04-03 18:29:00
CVE-2018-4443
2019-04-03 18:29:00
CVE-2018-4437
2019-04-03 18:29:00
osv
osv
CVE-2018-4443
2019-04-03 18:29:16
CVE-2018-4442
2019-04-03 18:29:16
CVE-2018-4464
2019-04-03 18:29:17
ubuntucve
ubuntucve
CVE-2018-4443
2019-04-03 00:00:00
CVE-2018-4442
2019-04-03 00:00:00
CVE-2018-4464
2019-04-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple WebKit AbstractValue Set Use After Free (CVE-2018-4443)
2022-11-17 00:00:00
Apple WebKit Use After Free (CVE-2018-4442)
2020-03-16 00:00:00
Apple Webkit Memory Corruption (CVE-2018-4438)
2020-03-16 00:00:00
zdt
zdt
WebKit JSC AbstractValue::set Use-After-Free Exploit
2018-12-29 00:00:00
WebKit JSC JIT - GetIndexedPropertyStorage Use-After-Free Exploit
2019-01-17 00:00:00
WebKit JIT - Int32/Double Arrays can have Proxy Objects in the Prototype Chains Exploit
2018-12-13 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: webkit2gtk3-2.22.5-1.fc29
2018-12-19 02:29:42
[SECURITY] Fedora 28 Update: webkit2gtk3-2.22.5-1.fc28
2018-12-29 02:25:51
archlinux
archlinux
[ASA-201812-10] webkit2gtk: arbitrary code execution
2018-12-14 00:00:00
alpinelinux
alpinelinux
CVE-2018-4437
2019-04-03 18:29:00
ubuntu
ubuntu
WebKitGTK+ vulnerabilities
2019-01-10 00:00:00
exploitpack
exploitpack
Sony Playstation 4 (PS4) 6.20 - WebKit Code Execution (PoC)
2019-03-08 00:00:00
exploitdb
exploitdb
Sony Playstation 4 (PS4) &lt; 6.20 - WebKit Code Execution (PoC)
2019-03-08 00:00:00
ibm
ibm
Security Bulletin: IBM Security Directory Suite is affected by a security vulnerability (CVE-2018-4441)
2020-11-02 19:47:23
googleprojectzero
googleprojectzero
JSC Exploits
2019-08-29 00:00:00
myhack58
myhack58
In-depth exploration found in the wild iOS exploit chain VI-vulnerability warning-the black bar safety net
2019-09-17 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.936 High

EPSS

Percentile

98.9%

JSON
Related for OPENSUSE-SU-2019:0108-1
nessus13openvas11apple12kaspersky1suse2prion6debiancve6packetstorm4cve6osv6ubuntucve6checkpoint_advisories4zdt5fedora2archlinux1alpinelinux1ubuntu1exploitpack1exploitdb1ibm1googleprojectzero1myhack581