AVG-1033 log

Package webkit2gtk
Status Fixed
Severity Critical
Type multiple issues
Affected 2.24.3-1
Fixed 2.24.4-1
Current 2.26.2-2 [extra]
Ticket None
Created Fri Aug 30 08:00:45 2019
Issue Severity Remote Type Description
CVE-2019-8688 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8684 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8683 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8680 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8678 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8669 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8658 High Yes Cross-site scripting
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2019-8649 High Yes Cross-site scripting
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2019-8644 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
Date Advisory Package Description
04 Sep 2019 ASA-201909-1 webkit2gtk multiple issues
References
https://webkitgtk.org/security/WSA-2019-0004.html