SUSE-SU-2022:4642-1 -- SLES webkit2gtk3, libjavascriptcoregtk, libwebkit2gtk-4_0-37, typelib-1_0-JavaScriptCore-4_0, typelib-1_0-WebKit2-4_0, typelib-1_0-WebKit2WebExtension-4_0, webkit2gtk-4_0-injected-bundles, libwebkit2gtk3-lang| ID: oval:org.secpod.oval:def:89048089 | Date: (C)2023-01-04 (M)2024-04-17 |
| Class: PATCH | Family: unix |
This update for webkit2gtk3 fixes the following issues: Update to version 2.38.3: - CVE-2022-42856: Fixed a potential arbitrary code execution when processing maliciously crafted web content . - CVE-2022-42852: Fixed disclosure of process memory by improved memory handling. - CVE-2022-42867: Fixed a use after free issue was addressed with improved memory management. - CVE-2022-46692: Fixed bypass of Same Origin Policy through improved state management. - CVE-2022-46698: Fixed disclosure of sensitive user information with improved checks. - CVE-2022-46699: Fixed an arbitrary code execution caused by memory corruption. - CVE-2022-46700: Fixed an arbitrary code execution caused by memory corruption.
| Platform: |
| SUSE Linux Enterprise Server 15 SP1 |
| Product: |
| webkit2gtk3 |
| libjavascriptcoregtk |
| libwebkit2gtk-4_0-37 |
| typelib-1_0-JavaScriptCore-4_0 |
| typelib-1_0-WebKit2-4_0 |
| typelib-1_0-WebKit2WebExtension-4_0 |
| webkit2gtk-4_0-injected-bundles |
| libwebkit2gtk3-lang |
