DSA-5308-1 webkit2gtk -- webkit2gtkID: oval:org.secpod.oval:def:88447 | Date: (C)2023-03-28 (M)2024-05-22 |
Class: PATCH | Family: unix |
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42852 hazbinhotel discovered that processing maliciously crafted web content may result in the disclosure of process memory. CVE-2022-42856 Clement Lecigne discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-42867 Maddie Stone discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-46692 KirtiKumar Anandrao Ramchandani discovered that processing maliciously crafted web content may bypass Same Origin Policy. CVE-2022-46698 Dohyun Lee and Ryan Shin discovered that processing maliciously crafted web content may disclose sensitive user information. CVE-2022-46699 Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-46700 Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution.
Product: |
libwebkit2gtk-4.0-doc |
gir1.2-javascriptcoregtk-4.0 |
libwebkit2gtk-4.0-dev |
libjavascriptcoregtk-4.0-bin |
gir1.2-webkit2-4.0 |
libjavascriptcoregtk-4.0-dev |
libwebkit2gtk-4.0-37 |
webkit2gtk-driver |
libjavascriptcoregtk-4.0-18 |