AVG-967 log

Package	webkit2gtk
Status	Fixed
Severity	Critical
Type	multiple issues
Affected	2.24.1-1
Fixed	2.24.2-1
Current	2.50.1-1 [extra]
Ticket	None
Created	Tue May 28 13:35:53 2019

Issue	Severity	Remote	Type	Description
CVE-2019-8615	Critical	Yes	Arbitrary code execution	Multiple memory corruption issues have been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8607	High	Yes	Information disclosure	An out-of-bounds read has been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may result in the disclosure of process memory.
CVE-2019-8595	Critical	Yes	Arbitrary code execution	Multiple memory corruption issues have been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may lead to arbitrary code execution.

Issue

Severity

Remote

Type

Description

CVE-2019-8615

Critical

Yes

Arbitrary code execution

Multiple memory corruption issues have been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8607

High

Yes

Information disclosure

An out-of-bounds read has been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may result in the disclosure of process memory.

CVE-2019-8595

Critical

Yes

Arbitrary code execution

Multiple memory corruption issues have been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may lead to arbitrary code execution.

Date	Advisory	Package	Type
28 May 2019	ASA-201905-10	webkit2gtk	multiple issues

References
https://webkitgtk.org/security/WSA-2019-0003.html