DSA-4877-1 webkit2gtk -- webkit2gtkID: oval:org.secpod.oval:def:71223 | Date: (C)2021-04-18 (M)2024-05-22 |
Class: PATCH | Family: unix |
The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-27918 Liu Long discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-29623 Simon Hunt discovered that users may be unable to fully delete their browsing history under some circumstances. CVE-2021-1765 Eliya Stein discovered that maliciously crafted web content may violate iframe sandboxing policy. CVE-2021-1789 @S0rryMybad discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-1799 Gregory Vishnepolsky, Ben Seri and Samy Kamkar discovered that a malicious website may be able to access restricted ports on arbitrary servers. CVE-2021-1801 Eliya Stein discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-1870 An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution.
Product: |
libwebkit2gtk-4.0-dev |