[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-5527-1 webkit2gtk -- webkit2gtk

ID: oval:org.secpod.oval:def:612733Date: (C)2023-10-20   (M)2024-05-10
Class: PATCHFamily: unix




The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-39928 Marcin Noga discovered that a specially crafted web page can abuse a vulnerability in the MediaRecorder API to cause memory corruption and potentially arbitrary code execution. CVE-2023-41074 Junsung Lee and Me Li discovered that processing web content may lead to arbitrary code execution. CVE-2023-41993 Bill Marczak and Maddie Stone discovered that processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Platform:
Debian 12.x
Debian 11.x
Product:
gir1.2-javascriptcoregtk-4.1
gir1.2-javascriptcoregtk-4.0
libwebkitgtk-6.0-4
gir1.2-webkit2-4.1
libjavascriptcoregtk-4.0-dev
libjavascriptcoregtk-4.1-0
libwebkit2gtk-4.0-37
libwebkit2gtk-4.1-0
libwebkit2gtk-4.1-dev
libjavascriptcoregtk-4.0-18
libwebkit2gtk-4.0-doc
libjavascriptcoregtk-4.1-dev
libjavascriptcoregtk-6.0-dev
gir1.2-javascriptcoregtk-6.0
libjavascriptcoregtk-6.0-1
webkit2gtk-driver
libjavascriptcoregtk-4.0-bin
gir1.2-webkit2-4.0
libwebkit2gtk-4.0-dev
gir1.2-webkit-6.0
libwebkitgtk-6.0-dev
Reference:
DSA-5527-1
CVE-2023-39928
CVE-2023-41074
CVE-2023-41993
CVE    3
CVE-2023-39928
CVE-2023-41074
CVE-2023-41993
CPE    16
cpe:/a:webkitgtk:libwebkit2gtk-4.0-37
cpe:/a:webkitgtk:libjavascriptcoregtk-4.0-18
cpe:/a:webkitgtk:libwebkit2gtk-4.0-dev
cpe:/a:libwebkit2gtk-4.0-doc:libwebkit2gtk-4.0-doc
...

© SecPod Technologies