[3.8] webkit2gtk: Multiple vulnerabilities (CVE-2018-4246, CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267, CVE-2018-4270, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278, CVE-2018-4284, CVE-2018-12911)ID: oval:org.secpod.oval:def:1801183 | Date: (C)2018-10-03 (M)2023-11-10 |
Class: PATCH | Family: unix |
CVE-2018-4246 Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4261 Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4262 Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4263 Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4264 Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4265 Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4266 A malicious website may be able to cause a denial of service. A race condition was addressed with additional validation. Versions affected: WebKitGTK+ before 2.20.4 and WPE WebKit before 2.20.2. CVE-2018-4267 Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4270 Processing maliciously crafted web content may lead to an unexpected application crash. A memory corruption issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4272 Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4273 Processing maliciously crafted web content may lead to an unexpected application crash. A memory corruption issue was addressed with improved input validation. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4278 A malicious website may exfiltrate audio data cross-origin. Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4284 Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling Versions affected: WebKitGTK+ before 2.20.4 . CVE-2018-12911 Processing maliciously crafted web content may lead to arbitrary code execution. A buffer overflow issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4
Platform: |
Alpine Linux 3.8 |