[Forgot Password]
Login  Register Subscribe

25354

 
 

132811

 
 

146457

 
 

909

 
 

117103

 
 

156

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-4681-1 libwebkit2gtk-4.0-dev -- libwebkit2gtk-4.0-dev

ID: oval:org.secpod.oval:def:604841Date: (C)2020-05-26   (M)2020-06-15
Class: PATCHFamily: unix




The following vulnerability has been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-3885 Ryan Pickren discovered that a file URL may be incorrectly processed. CVE-2020-3894 Sergei Glazunov discovered that a race condition may allow an application to read restricted memory. CVE-2020-3895 grigoritchy discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-3897 Brendan Draper discovered that a remote attacker may be able to cause arbitrary code execution. CVE-2020-3899 OSS-Fuzz discovered that A remote attacker may be able to cause arbitrary code execution. CVE-2020-3900 Dongzhuo Zhao discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-3901 Benjamin Randazzo discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-3902 Yigit Can Yilmaz discovered that processing maliciously crafted web content may lead to a cross site scripting attack.

Platform:
Debian 10.x
Product:
libwebkit2gtk-4.0-dev
Reference:
DSA-4681-1
CVE-2020-3885
CVE-2020-3894
CVE-2020-3895
CVE-2020-3897
CVE-2020-3899
CVE-2020-3900
CVE-2020-3901
CVE-2020-3902
CVE    8
CVE-2020-3899
CVE-2020-3901
CVE-2020-3900
CVE-2020-3902
...
CPE    1
cpe:/a:webkitgtk:libwebkit2gtk-4.0-dev

© SecPod Technologies