Product:

Webkitgtk

(Webkitgtk)
Repositories https://github.com/WebKit/webkit
#Vulnerabilities 56
Date Id Summary Products Score Patch Annotated
2019-12-18 CVE-2019-8674 A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. Iphone_os, Safari, Webkitgtk 6.1
2021-07-08 CVE-2021-21806 An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. Webkitgtk 8.8
2010-09-09 CVE-2010-1812 Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. Iphone_os, Ubuntu_linux, Webkitgtk N/A
2010-09-09 CVE-2010-1814 WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. Iphone_os, Ubuntu_linux, Webkitgtk N/A
2010-09-09 CVE-2010-1815 Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. Iphone_os, Ubuntu_linux, Webkitgtk N/A
2021-03-03 CVE-2020-13558 A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. Webkitgtk 8.8
2020-12-03 CVE-2020-13543 A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability. Webkitgtk 8.8
2021-12-25 CVE-2021-45481 In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889. Webkitgtk 6.5
2021-12-25 CVE-2021-45482 In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. Webkitgtk 6.5
2021-12-25 CVE-2021-45483 In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. Webkitgtk 6.5