AVG-1100 log

Package webkit2gtk
Status Fixed
Severity High
Type multiple issues
Affected 2.26.3-1
Fixed 2.26.4-1
Current 2.46.3-1 [extra]
Ticket None
Created Fri Feb 14 15:46:32 2020
Issue Severity Remote Type Description
CVE-2020-3868 High Yes Arbitrary code execution 
Processing maliciously crafted web content may lead to arbitrary code execution. Credit to Marcin Towalski of Cisco Talos.
CVE-2020-3867 High Yes Cross-site scripting 
Processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2020-3865 High Yes Sandbox escape 
A top-level DOM object context may have incorrectly been considered secure.
CVE-2020-3864 Medium Yes Same-origin policy bypass 
A DOM object context may not have had a unique security origin.
CVE-2020-3862 Medium Yes Denial of service 
A malicious website may be able to cause a denial of service.
Date Advisory Package Type
17 Feb 2020 ASA-202002-10 webkit2gtk multiple issues
References 
https://webkitgtk.org/security/WSA-2020-0002.html