Download
| Alert*
oval:org.secpod.oval:def:604522
Several vulnerabilities have been discovered in the libwebkit2gtk-4.0-37 web engine: CVE-2019-8644 G. Geshev discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8649 Sergei Glazunov discovered an issue that may lead to universal cross site scripting. CVE-2019-8658 ... oval:org.secpod.oval:def:89045909 This update for webkit2gtk3 fixes the following issues: - Update to version 2.34.3 . - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced Content Security Policy when processing maliciously crafted web content. - CVE-2021-30890: Fixed logic issue allowing universal cross site scripti ... oval:org.secpod.oval:def:59464 The host is installed with Apple Mac OS X 10.14.6 or 10.13.6 and Safari before 13 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle a logic issue. Successful exploitation allows an attacker to cause universal cross-site scripti ... oval:org.secpod.oval:def:58773 The host is missing a security update according to Apple advisory, APPLE-SA-2019-9-26-4. The update is required to fix a cross-site scripting vulnerability. A flaw is present in the application, which fails to handle a logic issue. Successful exploitation allows an attacker to cause universal cross- ... oval:org.secpod.oval:def:59618 The host is missing a security update according to Apple advisory, APPLE-SA-2019-10-29-7. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to perform universal cr ... oval:org.secpod.oval:def:58916 The host is installed with Apple iTunes before 12.10.1 or Apple iCloud before 7.14 and is prone to a universal cross site scripting vulnerability. A flaw is present in the applications, which fail to properly handle a logic issue issue. Successful exploitation could allow attackers to execute cross- ... oval:org.secpod.oval:def:1700466 WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video , an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. Multiple memory corruption issues were addresse ... oval:org.secpod.oval:def:504323 WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. The following packages have been upgraded to a later upstream version: webkitgtk4 . Security Fix: * webkitgtk: Multiple security issues For more details about the secu ... oval:org.secpod.oval:def:205668 WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. The following packages have been upgraded to a later upstream version: webkitgtk4 . Security Fix: * webkitgtk: Multiple security issues For more details about the secu ... oval:org.secpod.oval:def:1504382 [2.28.2-2] - Resolves: rhbz#1817144 Rebuild to support ppc and s390 [2.28.2-1] - Resolves: rhbz#1817144 Rebase to 2.28.2 oval:org.secpod.oval:def:1802000 CVE-2019-8674 Processing maliciously crafted web content may lead to universal cross site scripting. A logic issue was addressed with improved state management. Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3. CVE-2019-8707 Processing maliciously crafted web content may le ... oval:org.secpod.oval:def:58912 The host is missing a security update according to Apple advisory, APPLE-SA-2019-10-07-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:58913 The host is missing a security update according to Apple advisory, APPLE-SA-2019-10-07-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:2005020 A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. oval:org.secpod.oval:def:69751 Several vulnerabilities have been discovered in the libwebkit2gtk-4.0-37 web engine: CVE-2019-8644 G. Geshev discovered memory corruption issues that can lead to arbitrary code execution. CVE-2019-8649 Sergei Glazunov discovered an issue that may lead to universal cross site scripting. CVE-2019-8658 ... oval:org.secpod.oval:def:89050848 This update for webkit2gtk3 to version 2.26.2 fixes the following issues: Webkit2gtk3 was updated to version 2.26.2 Security issues addressed: - CVE-2019-8625: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8674: Fixed ... |