DSA-5527-1 webkit2gtk -- webkit2gtkID: oval:org.secpod.oval:def:612733 | Date: (C)2023-10-20 (M)2024-05-10 |
Class: PATCH | Family: unix |
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-39928 Marcin Noga discovered that a specially crafted web page can abuse a vulnerability in the MediaRecorder API to cause memory corruption and potentially arbitrary code execution. CVE-2023-41074 Junsung Lee and Me Li discovered that processing web content may lead to arbitrary code execution. CVE-2023-41993 Bill Marczak and Maddie Stone discovered that processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Platform: |
Debian 12.x |
Debian 11.x |
Product: |
gir1.2-javascriptcoregtk-4.1 |
gir1.2-javascriptcoregtk-4.0 |
libwebkitgtk-6.0-4 |
gir1.2-webkit2-4.1 |
libjavascriptcoregtk-4.0-dev |
libjavascriptcoregtk-4.1-0 |
libwebkit2gtk-4.0-37 |
libwebkit2gtk-4.1-0 |
libwebkit2gtk-4.1-dev |
libjavascriptcoregtk-4.0-18 |
libwebkit2gtk-4.0-doc |
libjavascriptcoregtk-4.1-dev |
libjavascriptcoregtk-6.0-dev |
gir1.2-javascriptcoregtk-6.0 |
libjavascriptcoregtk-6.0-1 |
webkit2gtk-driver |
libjavascriptcoregtk-4.0-bin |
gir1.2-webkit2-4.0 |
libwebkit2gtk-4.0-dev |
gir1.2-webkit-6.0 |
libwebkitgtk-6.0-dev |