Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webkitgtk
(Webkitgtk)Repositories | https://github.com/WebKit/webkit |
#Vulnerabilities | 56 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-12-18 | CVE-2019-8674 | A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. | Iphone_os, Safari, Webkitgtk | 6.1 | ||
2021-07-08 | CVE-2021-21806 | An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. | Webkitgtk | 8.8 | ||
2010-09-09 | CVE-2010-1812 | Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. | Iphone_os, Ubuntu_linux, Webkitgtk | N/A | ||
2010-09-09 | CVE-2010-1814 | WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. | Iphone_os, Ubuntu_linux, Webkitgtk | N/A | ||
2010-09-09 | CVE-2010-1815 | Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. | Iphone_os, Ubuntu_linux, Webkitgtk | N/A | ||
2021-03-03 | CVE-2020-13558 | A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. | Webkitgtk | 8.8 | ||
2020-12-03 | CVE-2020-13543 | A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability. | Webkitgtk | 8.8 | ||
2021-12-25 | CVE-2021-45481 | In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889. | Webkitgtk | 6.5 | ||
2021-12-25 | CVE-2021-45482 | In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. | Webkitgtk | 6.5 | ||
2021-12-25 | CVE-2021-45483 | In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. | Webkitgtk | 6.5 |