DSA-5468-1 webkit2gtk -- webkit2gtkID: oval:org.secpod.oval:def:95184 | Date: (C)2023-12-01 (M)2024-01-23 |
Class: PATCH | Family: unix |
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-38133 YeongHyeon Choi discovered that processing web content may disclose sensitive information. CVE-2023-38572 Narendra Bhati discovered that a website may be able to bypass the Same Origin Policy. CVE-2023-38592 Narendra Bhati, Valentino Dalla Valle, Pedro Bernardo, Marco Squarcina, and Lorenzo Veronese discovered that processing web content may lead to arbitrary code execution. CVE-2023-38594 Yuhao Hu discovered that processing web content may lead to arbitrary code execution. CVE-2023-38595 An anonymous researcher, Jiming Wang, and Jikai Ren discovered that processing web content may lead to arbitrary code execution. CVE-2023-38597 Junsung Lee discovered that processing web content may lead to arbitrary code execution. CVE-2023-38599 Hritvik Taneja, Jason Kim, Jie Jeff Xu, Stephan van Schaik, Daniel Genkin, and Yuval Yarom discovered that a website may be able to track sensitive user information. CVE-2023-38600 An anonymous researcher discovered that processing web content may lead to arbitrary code execution. CVE-2023-38611 Francisco Alonso discovered that processing web content may lead to arbitrary code execution.
Platform: |
Linux Mint 6 |
Linux Mint 5 |
Product: |
gir1.2-javascriptcoregtk-4.1 |
gir1.2-javascriptcoregtk-4.0 |
libwebkitgtk-6.0-4 |
gir1.2-webkit2-4.1 |
libjavascriptcoregtk-4.0-dev |
libjavascriptcoregtk-4.1-0 |
libwebkit2gtk-4.0-37 |
libwebkit2gtk-4.1-0 |
libwebkit2gtk-4.1-dev |
libjavascriptcoregtk-4.0-18 |
libwebkit2gtk-4.0-doc |
libjavascriptcoregtk-4.1-dev |
libjavascriptcoregtk-6.0-dev |
gir1.2-javascriptcoregtk-6.0 |
libjavascriptcoregtk-6.0-1 |
webkit2gtk-driver |
libjavascriptcoregtk-4.0-bin |
gir1.2-webkit2-4.0 |
libwebkit2gtk-4.0-dev |
gir1.2-webkit-6.0 |
libwebkitgtk-6.0-dev |