USN-4648-1: WebKitGTK vulnerabilities

🗓️ 26 Nov 2020 13:07:57Reported by UbuntuType

ubuntu🔗 ubuntu.com👁 119 Views

A large number of security issues discovered in the WebKitGTK Web and JavaScript engines could allow for remote attackers to exploit web browser security vulnerabilitie

Reporter	Title	Published	Views	Family All 266
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs	19 Oct 202115:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities	3 Dec 202118:52	–	ibm
Tenable Nessus	AlmaLinux 8 : GNOME (ALSA-2020:4451)	9 Feb 202200:00	–	nessus
Tenable Nessus	AlmaLinux 8 : GNOME (ALSA-2021:1586)	9 Feb 202200:00	–	nessus
Tenable Nessus	Apple iOS < 14.0 Multiple Vulnerabilities	18 Sep 202000:00	–	nessus
Tenable Nessus	CentOS 8 : GNOME (CESA-2021:1586)	19 May 202100:00	–	nessus
Tenable Nessus	Debian DSA-4724-1 : webkit2gtk - security update	20 Jul 202000:00	–	nessus
Tenable Nessus	Debian DSA-4797-1 : webkit2gtk - security update	25 Nov 202000:00	–	nessus
Tenable Nessus	Fedora 33 : webkit2gtk3 (2020-145877bcd3)	30 Nov 202000:00	–	nessus
Tenable Nessus	Fedora 32 : webkit2gtk3 (2020-ab074c6cdf)	14 Jul 202000:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	18.04	any	gir1.2-javascriptcoregtk-4.0	2.30.3-0ubuntu0.18.04.1	gir1.2-javascriptcoregtk-4.0_2.30.3-0ubuntu0.18.04.1_any.deb
Ubuntu	20.04	any	gir1.2-javascriptcoregtk-4.0	2.30.3-0ubuntu0.20.04.1	gir1.2-javascriptcoregtk-4.0_2.30.3-0ubuntu0.20.04.1_any.deb
Ubuntu	20.10	any	gir1.2-javascriptcoregtk-4.0	2.30.3-0ubuntu0.20.10.1	gir1.2-javascriptcoregtk-4.0_2.30.3-0ubuntu0.20.10.1_any.deb

26 Nov 2020 13:07Current

7.1High risk

Vulners AI Score7.1

CVSS 27.5

CVSS 3.110

EPSS0.02917