DSA-4739-1 webkit2gtk -- webkit2gtkID: oval:org.secpod.oval:def:66732 | Date: (C)2020-11-09 (M)2023-01-16 |
Class: PATCH | Family: unix |
The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-9862 Ophir Lojkine discovered that copying a URL from the Web Inspector may lead to command injection. CVE-2020-9893 0011 discovered that a remote attacker may be able to cause unexpected application termination or arbitrary code execution. CVE-2020-9894 0011 discovered that a remote attacker may be able to cause unexpected application termination or arbitrary code execution. CVE-2020-9895 Wen Xu discovered that a remote attacker may be able to cause unexpected application termination or arbitrary code execution. CVE-2020-9915 Ayoub Ait Elmokhtar discovered that processing maliciously crafted web content may prevent Content Security Policy from being enforced. CVE-2020-9925 An anonymous researcher discovered that processing maliciously crafted web content may lead to universal cross site scripting.
Product: |
libwebkit2gtk-4.0-dev |