Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webkitgtk
(Webkitgtk)| Repositories | https://github.com/WebKit/webkit |
| #Vulnerabilities | 46 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-24 | CVE-2022-32893 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | Ipados, Iphone_os, Macos, Safari, Debian_linux, Fedora, Webkitgtk, Wpe_webkit | 8.8 | ||
| 2022-07-28 | CVE-2022-2294 | Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Extra_packages_for_enterprise_linux, Fedora, Chrome, Webkitgtk, Wpe_webkit | 8.8 | ||
| 2022-05-06 | CVE-2022-30293 | In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. | Debian_linux, Webkitgtk | 7.5 | ||
| 2019-12-18 | CVE-2019-8674 | A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. | Iphone_os, Safari, Webkitgtk | 6.1 | ||
| 2021-07-08 | CVE-2021-21806 | An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. | Webkitgtk | 8.8 | ||
| 2021-07-07 | CVE-2021-21775 | A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. | Debian_linux, Fedora, Webkitgtk | 8.0 | ||
| 2010-09-09 | CVE-2010-1812 | Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. | Iphone_os, Ubuntu_linux, Webkitgtk | N/A | ||
| 2010-09-09 | CVE-2010-1814 | WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. | Iphone_os, Ubuntu_linux, Webkitgtk | N/A | ||
| 2010-09-09 | CVE-2010-1815 | Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. | Iphone_os, Ubuntu_linux, Webkitgtk | N/A | ||
| 2020-12-03 | CVE-2020-13584 | An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability. | Fedora, Webkitgtk | 8.8 |