DSA-4995-1 webkit2gtk -- webkit2gtk| ID: oval:org.secpod.oval:def:605665 | Date: (C)2021-11-02 (M)2023-12-26 |
| Class: PATCH | Family: unix |
The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2021-30846 Sergei Glazunov discovered that processing maliciously crafted web content may lead to arbitrary code execution CVE-2021-30851 Samuel Gross discovered that processing maliciously crafted web content may lead to code execution CVE-2021-42762 An anonymous reporter discovered a limited Bubblewrap sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined.
| Platform: |
| Debian 10.x |
| Debian 11.x |
| Product: |
| webkit2gtk-driver |
| gir1.2-javascriptcoregtk-4.0 |
| gir1.2-webkit2-4.0 |
| libjavascriptcoregtk-4.0-18 |
| libjavascriptcoregtk-4.0-bin |
| libjavascriptcoregtk-4.0-dev |
| libwebkit2gtk-4.0-37 |
| libwebkit2gtk-4.0-dev |
| libwebkit2gtk-4.0-doc |
