AVG-2789 log
Package | wpewebkit |
Status | Fixed |
Severity | Critical |
Type | multiple issues |
Affected | 2.36.4-2 |
Fixed | 2.36.5-1 |
Current | 2.46.4-1 [extra] |
Ticket | None |
Created | Thu Jul 28 21:15:49 2022 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2022-32816 | High | Yes | Content spoofing | Visiting a website that frames malicious content may lead to UI spoofing. |
CVE-2022-32792 | Critical | Yes | Arbitrary code execution | Processing maliciously crafted web content may lead to arbitrary code execution. |
References |
---|
https://webkitgtk.org/security/WSA-2022-0007.html |
Notes |
---|
Our WebKit2GTK and WPE WebKit versions are not affected by the 'CVE-2022-2294' vulnerability because our packages are not built using the 'USE_LIBWEBRTC' CMake option. |