SUSE-SU-2022:4642-1 -- SLES webkit2gtk3, libjavascriptcoregtk, libwebkit2gtk-4_0-37, typelib-1_0-JavaScriptCore-4_0, typelib-1_0-WebKit2-4_0, typelib-1_0-WebKit2WebExtension-4_0, webkit2gtk-4_0-injected-bundles, libwebkit2gtk3-langID: oval:org.secpod.oval:def:89048089 | Date: (C)2023-01-04 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for webkit2gtk3 fixes the following issues: Update to version 2.38.3: - CVE-2022-42856: Fixed a potential arbitrary code execution when processing maliciously crafted web content . - CVE-2022-42852: Fixed disclosure of process memory by improved memory handling. - CVE-2022-42867: Fixed a use after free issue was addressed with improved memory management. - CVE-2022-46692: Fixed bypass of Same Origin Policy through improved state management. - CVE-2022-46698: Fixed disclosure of sensitive user information with improved checks. - CVE-2022-46699: Fixed an arbitrary code execution caused by memory corruption. - CVE-2022-46700: Fixed an arbitrary code execution caused by memory corruption.
Platform: |
SUSE Linux Enterprise Server 15 SP1 |
Product: |
webkit2gtk3 |
libjavascriptcoregtk |
libwebkit2gtk-4_0-37 |
typelib-1_0-JavaScriptCore-4_0 |
typelib-1_0-WebKit2-4_0 |
typelib-1_0-WebKit2WebExtension-4_0 |
webkit2gtk-4_0-injected-bundles |
libwebkit2gtk3-lang |