DSA-4627-1 webkit2gtk -- webkit2gtkID: oval:org.secpod.oval:def:604751 | Date: (C)2020-02-20 (M)2023-11-18 |
Class: PATCH | Family: unix |
The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2020-3862 Srikanth Gatta discovered that a malicious website may be able to cause a denial of service. CVE-2020-3864 Ryan Pickren discovered that a DOM object context may not have had a unique security origin. CVE-2020-3865 Ryan Pickren discovered that a top-level DOM object context may have incorrectly been considered secure. CVE-2020-3867 An anonymous researcher discovered that processing maliciously crafted web content may lead to universal cross site scripting. CVE-2020-3868 Marcin Towalski discovered that processing maliciously crafted web content may lead to arbitrary code execution.
Product: |
libwebkit2gtk-4.0-doc |
gir1.2-javascriptcoregtk-4.0 |
libwebkit2gtk-4.0-dev |
libjavascriptcoregtk-4.0-bin |
gir1.2-webkit2-4.0 |
libjavascriptcoregtk-4.0-dev |
libwebkit2gtk-4.0-37 |
webkit2gtk-driver |
libjavascriptcoregtk-4.0-18 |