Download
| Alert*
oval:org.secpod.oval:def:1701375
A logic issue was addressed with improved state management. A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processin ... oval:org.secpod.oval:def:706086 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:74554 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:605584 The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2021-21775 Marcin Towalski discovered that a specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into vi ... oval:org.secpod.oval:def:72503 The host is installed with Apple Safari before 14.1.1 on MacOS Mojave or MacOS Catalina and is prone to a use after free vulnerability. A flaw is present in the application, which fails to handle a memory management issue. On successful exploitation, processing maliciously crafted web content may le ... oval:org.secpod.oval:def:72423 The host is installed with Apple Mac OS 11.4 or Apple Safari before 14.1.1 on MacOS Mojave or MacOS Catalina and is prone to a use after free vulnerability. A flaw is present in the application, which fails to properly handle a memory management issue. Successful exploitation allows an attacker to c ... oval:org.secpod.oval:def:74567 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2021-21775 Marcin Towalski discovered that a specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tric ... oval:org.secpod.oval:def:120543 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3. oval:org.secpod.oval:def:120502 WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3. oval:org.secpod.oval:def:89045511 This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory corrupt ... oval:org.secpod.oval:def:89047198 This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory corrupt ... oval:org.secpod.oval:def:89045492 This update for webkit2gtk3 fixes the following issues: Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory corruptio ... oval:org.secpod.oval:def:506478 GNOME is the default desktop environment of Red Hat Enterprise Linux. The following packages have been upgraded to a later upstream version: gdm , webkit2gtk3 . Security Fix: * webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution * LibRaw: Stack buffer over ... oval:org.secpod.oval:def:72498 The host is missing a security update according to Apple advisory, APPLE-SA-2021-05-25-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a validation issue. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:2500376 GNOME is the default desktop environment of AlmaLinux. oval:org.secpod.oval:def:72422 The host is missing a security update according to Apple advisory, APPLE-SA-2021-05-25-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allows attackers to cause arbitrary code executio ... oval:org.secpod.oval:def:4500064 GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gdm , webkit2gtk3 . For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page li ... oval:org.secpod.oval:def:76232 GNOME is the default desktop environment of Red Hat Enterprise Linux. The following packages have been upgraded to a later upstream version: gdm , webkit2gtk3 . Security Fix: * webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution * LibRaw: Stack buffer over ... oval:org.secpod.oval:def:2106967 Oracle Solaris 11 - ( CVE-2021-1817 ) oval:org.secpod.oval:def:1505266 accountsservice [0.6.55-2] - Add support for user templates so user can specify default session Resolves: #1812788 gdm [40.0-14] - Fix XDMCP Resolves: #2004170 - Fix crash at shutdown Related: #2004170 [40.0-13] - Disable Wayland on HyperV - Fix Xorg fallback Related: #1998989 [40.0-12] - Redisable ... |