DSA-4558-1 webkit2gtk -- webkit2gtkID: oval:org.secpod.oval:def:69776 | Date: (C)2021-03-07 (M)2024-05-22 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2019-8625 Sergei Glazunov discovered that maliciously crafted web content may lead to universal cross site scripting. CVE-2019-8720 Wen Xu discovered that maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8769 Pierre Reimertz discovered that visiting a maliciously crafted website may reveal browsing history. CVE-2019-8771 Eliya Stein discovered that maliciously crafted web content may violate iframe sandboxing policy.
Product: |
libwebkit2gtk-4.0-dev |