RHSA-2023:7055 -- Redhat webkit2gtk3ID: oval:org.secpod.oval:def:508109 | Date: (C)2024-01-03 (M)2024-02-19 |
Class: PATCH | Family: unix |
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix: webkitgtk: arbitrary code execution webkitgtk: bypass Same Origin Policy webkitgtk: Processing web content may lead to arbitrary code execution webkitgtk: arbitrary code execution webkitgtk: arbitrary code execution webkitgtk: arbitrary code execution webkitgtk: arbitrary code execution webkitgtk: arbitrary code execution webkitgtk: Memory corruption issue when processing web content webkitgtk: Same Origin Policy bypass via crafted web content webkitgtk: Website may be able to track sensitive user information webkitgtk: use after free vulnerability webkitgtk: content security policy blacklist failure webkitgtk: disclose sensitive information webkitgtk: track sensitive user information webkitgtk: processing web content may lead to arbitrary code execution webkitgtk: arbitrary javascript code execution webkitgtk: attacker with JavaScript execution may be able to execute arbitrary code For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 8 |