Lucene search

K
ubuntuUbuntuUSN-5394-1
HistoryApr 28, 2022 - 12:00 a.m.

WebKitGTK vulnerabilities

2022-04-2800:00:00
ubuntu.com
74
ubuntu
webkit2gtk
web browser security
remote attacker
cross-site scripting
denial of service
arbitrary code execution
javascript
unix

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.004

Percentile

72.9%

Releases

  • Ubuntu 21.10
  • Ubuntu 20.04 LTS

Packages

  • webkit2gtk - Web content engine library for GTK+

Details

A large number of security issues were discovered in the WebKitGTK Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.004

Percentile

72.9%