DSA-4724-1 webkit2gtk -- webkit2gtkID: oval:org.secpod.oval:def:604921 | Date: (C)2020-07-22 (M)2024-05-22 |
Class: PATCH | Family: unix |
The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2020-9802 Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9803 Wen Xu discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9805 An anonymous researcher discovered that processing maliciously crafted web content may lead to universal cross site scripting. CVE-2020-9806 Wen Xu discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9807 Wen Xu discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-9843 Ryan Pickren discovered that processing maliciously crafted web content may lead to a cross site scripting attack. CVE-2020-9850 @jinmo123, @setuid0x0_, and @insu_yun_en discovered that a remote attacker may be able to cause arbitrary code execution. CVE-2020-13753 Milan Crha discovered that an attacker may be able to execute commands outside the bubblewrap sandbox.
Product: |
libwebkit2gtk-4.0-doc |
gir1.2-javascriptcoregtk-4.0 |
libwebkit2gtk-4.0-dev |
libjavascriptcoregtk-4.0-bin |
gir1.2-webkit2-4.0 |
libjavascriptcoregtk-4.0-dev |
libwebkit2gtk-4.0-37 |
webkit2gtk-driver |
libjavascriptcoregtk-4.0-18 |