AVG-1291 log

Package webkit2gtk
Status Fixed
Severity Medium
Type arbitrary code execution
Affected 2.30.2-1
Fixed 2.30.3-1
Current 2.46.5-1 [extra]
Ticket None
Created Mon Nov 23 16:56:57 2020
Issue Severity Remote Type Description
CVE-2020-13584 Medium Yes Arbitrary code execution
A use after free issue was found in webkit2gtk before 2.30.3. Processing maliciously crafted web content may have lead to arbitrary code execution.
CVE-2020-13543 Medium Yes Arbitrary code execution
A use after free issue was found in webkit2gtk before 2.30.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-9983 Medium Yes Arbitrary code execution
An out-of-bounds write issue was found in webkit2gtk before 2.30.3. Processing maliciously crafted web content may have lead to code execution.
Date Advisory Package Type
26 Nov 2020 ASA-202011-28 webkit2gtk arbitrary code execution
References
https://webkitgtk.org/security/WSA-2020-0008.html