DSA-4739-1 webkit2gtk -- webkit2gtkID: oval:org.secpod.oval:def:604978 | Date: (C)2020-08-11 (M)2024-05-22 |
Class: PATCH | Family: unix |
The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-9862 Ophir Lojkine discovered that copying a URL from the Web Inspector may lead to command injection. CVE-2020-9893 0011 discovered that a remote attacker may be able to cause unexpected application termination or arbitrary code execution. CVE-2020-9894 0011 discovered that a remote attacker may be able to cause unexpected application termination or arbitrary code execution. CVE-2020-9895 Wen Xu discovered that a remote attacker may be able to cause unexpected application termination or arbitrary code execution. CVE-2020-9915 Ayoub Ait Elmokhtar discovered that processing maliciously crafted web content may prevent Content Security Policy from being enforced. CVE-2020-9925 An anonymous researcher discovered that processing maliciously crafted web content may lead to universal cross site scripting.
Product: |
libwebkit2gtk-4.0-doc |
gir1.2-javascriptcoregtk-4.0 |
libwebkit2gtk-4.0-dev |
libjavascriptcoregtk-4.0-bin |
gir1.2-webkit2-4.0 |
libjavascriptcoregtk-4.0-dev |
libwebkit2gtk-4.0-37 |
webkit2gtk-driver |
libjavascriptcoregtk-4.0-18 |