Latest wpewebkit wpe webkit Vulnerabilities

CVE-2023-40397
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution.
Apple iOS<16.6
Apple iPadOS<16.6
<13.5
Apple macOS<13.5
WebKitGTK WebKitGTK<2.40.5
Wpewebkit Wpe Webkit<2.40.5
CVE-2023-32370
WebKit. A logic issue was addressed with improved validation.
Apple macOS Ventura<13.3
<16.4
Apple iOS<16.4
Apple iPadOS<16.4
Apple macOS>=13.0<13.3
WebKitGTK WebKitGTK<2.40.1
and 1 more
CVE-2023-28198
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.
<13.3
<16.4
Apple iOS<15.7.4
Apple iPadOS<15.7.4
Apple iOS<16.4
Apple iPadOS<16.4
and 10 more
CVE-2022-32893
Apple iOS and macOS Out-of-Bounds Write Vulnerability
Apple iOS<15.6.1
Apple iPadOS<15.6.1
Apple macOS Monterey<12.5.1
Apple Safari<15.6.1
Apple Safari<15.6.1
and 13 more
CVE-2022-2294
Heap buffer overflow in WebRTC
Apple Safari<15.6
<12.5
Apple iOS<15.6
Apple iPadOS<15.6
Google Chrome<103.0.5060.114
WebRTC WebRTC
and 31 more
CVE-2021-42762
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not conf...
debian/webkit2gtk
debian/wpewebkit
WebKitGTK WebKitGTK<2.34.1
Wpewebkit Wpe Webkit<2.34.1
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 3 more
CVE-2019-8720
WebKitGTK Memory Corruption Vulnerability
redhat/webkitgtk<2.26.0
WebKitGTK WebKitGTK<2.26.0
Wpewebkit Wpe Webkit<2.26.0
Redhat Codeready Linux Builder=8.0
Redhat Codeready Linux Builder Eus=8.4
and 37 more
CVE-2020-13753
The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desk...
WebKitGTK WebKitGTK<2.28.3
Wpewebkit Wpe Webkit<2.28.3
Fedoraproject Fedora=31
Debian Debian Linux=10.0
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
and 7 more
CVE-2020-11793
A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memor...
debian/webkit2gtk
debian/wpewebkit
WebKitGTK WebKitGTK<2.28.1
Wpewebkit Wpe Webkit<2.28.1
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
and 16 more
CVE-2020-10018
accessibility/AXObjectCache.cpp in WebKit, as used in WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4, allows a denial of service (application crash) because maintenance of the m_deferredFocuse...
WebKitGTK WebKitGTK<2.28.0
Wpewebkit Wpe Webkit<2.28.0
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Debian Debian Linux=10.0
Canonical Ubuntu Linux=18.04
and 16 more
CVE-2019-11070
WebKitGTK and WPE WebKit failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue w...
WebKitGTK WebKitGTK<2.24.1
Wpewebkit Wpe Webkit<2.24.1
redhat/webkitgtk<2.24.1
ubuntu/webkit2gtk<2.24.1-0ubuntu0.18.04.1
ubuntu/webkit2gtk<2.24.1-0ubuntu0.18.10.2
ubuntu/webkit2gtk<2.24.1
and 1 more
CVE-2019-6251
embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allows address bar spoofing because a page load triggered by JavaScript leads to updating an address as if it were triggered by a safer...
GNOME Epiphany<=3.31.4
WebKitGTK WebKitGTK<2.24.1
Wpewebkit Wpe Webkit<2.24.1
Fedoraproject Fedora=28
Fedoraproject Fedora=29
Fedoraproject Fedora=30
and 9 more
CVE-2018-12293
The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version...
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=17.10
Canonical Ubuntu Linux=18.04
Apple macOS Big Sur<2.20.3
Wpewebkit Wpe Webkit<2.20.1
ubuntu/webkit2gtk<2.20.3-0ubuntu0.17.10.1
and 4 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203