[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2023:2056-1 -- SLES webkit2gtk3, typelib-1_0-WebKit2-4_0, typelib-1_0-WebKit2WebExtension-4_0, webkit2gtk-4_0-injected-bundles, libjavascriptcoregtk, libwebkit2gtk-4_0-37, typelib-1_0-JavaScriptCore-4_0, libwebkit2gtk3-lang

ID: oval:org.secpod.oval:def:89048774Date: (C)2023-06-02   (M)2024-04-17
Class: PATCHFamily: unix




This update for webkit2gtk3 fixes the following issues: Update to version 2.38.6 : * CVE-2022-0108: Fixed information leak. * CVE-2022-32885: Fixed arbitrary code execution. * CVE-2023-25358: Fixed use-after-free vulnerability in WebCore::RenderLayer. * CVE-2023-27932: Fixed Same Origin Policy bypass. * CVE-2023-27954: Fixed sensitive user information tracking. * CVE-2023-28205: Fixed arbitrary code execution . Already fixed in version 2.38.5: * CVE-2022-32886, CVE-2022-32912, CVE-2023-25360, CVE-2023-25361, CVE-2023-25362, CVE-2023-25363.

Platform:
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 12 SP4
Product:
webkit2gtk3
typelib-1_0-WebKit2-4_0
typelib-1_0-WebKit2WebExtension-4_0
webkit2gtk-4_0-injected-bundles
libjavascriptcoregtk
libwebkit2gtk-4_0-37
typelib-1_0-JavaScriptCore-4_0
libwebkit2gtk3-lang
Reference:
SUSE-SU-2023:2056-1
CVE-2022-0108
CVE-2022-32885
CVE-2022-32886
CVE-2022-32912
CVE-2023-25358
CVE-2023-25360
CVE-2023-25361
CVE-2023-25362
CVE-2023-25363
CVE-2023-27932
CVE-2023-27954
CVE-2023-28205
CVE    12
CVE-2022-0108
CVE-2023-25358
CVE-2023-27932
CVE-2023-27954
...
CPE    11
cpe:/a:webkit2gtk3:libjavascriptcoregtk
cpe:/a:webkit2gtk-4_0-injected-bundles:webkit2gtk-4_0-injected-bundles
cpe:/a:libwebkit2gtk3-lang:libwebkit2gtk3-lang
cpe:/o:suse:suse_linux_enterprise_server:12:sp5
...

© SecPod Technologies