AVG-2703 log
Package | webkit2gtk |
Status | Fixed |
Severity | High |
Type | multiple issues |
Affected | 2.34.6-1 |
Fixed | 2.34.7-1 |
Current | 2.46.5-1 [extra] |
Ticket | None |
Created | Tue May 10 00:13:34 2022 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2022-22637 | High | Yes | Unknown | A logic issue was addressed with improved state management. A malicious website may cause unexpected cross-origin behavior. |
CVE-2022-22629 | High | Yes | Arbitrary code execution | A buffer overflow issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. |
CVE-2022-22628 | High | Yes | Arbitrary code execution | A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution. |
CVE-2022-22624 | High | Yes | Arbitrary code execution | A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution. |
References |
---|
https://webkitgtk.org/security/WSA-2022-0004.html |
Notes |
---|
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. |