AVG-2703 log
| Package | webkit2gtk |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 2.34.6-1 |
| Fixed | 2.34.7-1 |
| Current | 2.46.3-1 [extra] |
| Ticket | None |
| Created | Tue May 10 00:13:34 2022 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2022-22637 | High | Yes | Unknown | A logic issue was addressed with improved state management. A malicious website may cause unexpected cross-origin behavior. |
| CVE-2022-22629 | High | Yes | Arbitrary code execution | A buffer overflow issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2022-22628 | High | Yes | Arbitrary code execution | A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2022-22624 | High | Yes | Arbitrary code execution | A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution. |
| References |
|---|
https://webkitgtk.org/security/WSA-2022-0004.html |
| Notes |
|---|
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. |