DSA-4996-1 wpewebkit -- wpewebkitID: oval:org.secpod.oval:def:605664 | Date: (C)2021-11-02 (M)2024-05-22 |
Class: PATCH | Family: unix |
The following vulnerabilities have been discovered in the wpewebkit web engine: CVE-2021-30846 Sergei Glazunov discovered that processing maliciously crafted web content may lead to arbitrary code execution CVE-2021-30851 Samuel Gross discovered that processing maliciously crafted web content may lead to code execution CVE-2021-42762 An anonymous reporter discovered a limited Bubblewrap sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined.
Product: |
wpewebkit-driver |
libwpewebkit-1.0-3 |
libwpewebkit-1.0-dev |
libwpewebkit-1.0-doc |