Product:

Webkitgtk

(Webkitgtk)
Repositories https://github.com/WebKit/webkit
#Vulnerabilities 56
Date Id Summary Products Score Patch Annotated
2021-07-08 CVE-2021-21806 An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. Webkitgtk 8.8
2010-09-09 CVE-2010-1812 Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. Iphone_os, Ubuntu_linux, Webkitgtk N/A
2010-09-09 CVE-2010-1814 WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. Iphone_os, Ubuntu_linux, Webkitgtk N/A
2010-09-09 CVE-2010-1815 Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. Iphone_os, Ubuntu_linux, Webkitgtk N/A
2021-03-03 CVE-2020-13558 A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. Webkitgtk 8.8
2020-12-03 CVE-2020-13543 A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability. Webkitgtk 8.8
2021-12-25 CVE-2021-45481 In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889. Webkitgtk 6.5
2021-12-25 CVE-2021-45482 In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. Webkitgtk 6.5
2021-12-25 CVE-2021-45483 In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. Webkitgtk 6.5
2020-02-27 CVE-2020-3867 A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting. Icloud, Ipados, Iphone_os, Itunes, Safari, Tvos, Leap, Webkitgtk 6.1