Product:

Webkitgtk

(Webkitgtk)
Repositories https://github.com/WebKit/webkit
#Vulnerabilities 46
Date Id Summary Products Score Patch Annotated
2022-08-24 CVE-2022-32893 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Ipados, Iphone_os, Macos, Safari, Debian_linux, Fedora, Webkitgtk, Wpe_webkit 8.8
2022-07-28 CVE-2022-2294 Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Extra_packages_for_enterprise_linux, Fedora, Chrome, Webkitgtk, Wpe_webkit 8.8
2022-05-06 CVE-2022-30293 In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. Debian_linux, Webkitgtk 7.5
2019-12-18 CVE-2019-8674 A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. Iphone_os, Safari, Webkitgtk 6.1
2021-07-08 CVE-2021-21806 An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. Webkitgtk 8.8
2021-07-07 CVE-2021-21775 A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage. Debian_linux, Fedora, Webkitgtk 8.0
2010-09-09 CVE-2010-1812 Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. Iphone_os, Ubuntu_linux, Webkitgtk N/A
2010-09-09 CVE-2010-1814 WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. Iphone_os, Ubuntu_linux, Webkitgtk N/A
2010-09-09 CVE-2010-1815 Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. Iphone_os, Ubuntu_linux, Webkitgtk N/A
2020-12-03 CVE-2020-13584 An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability. Fedora, Webkitgtk 8.8