CVE-2021-21779 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Information disclosure |
Description | A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. A use-after-free vulnerability exists in the way that WebKit GraphicsContext handles certain events. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2221 | wpewebkit | 2.32.2-1 | 2.32.3-1 | High | Fixed | |
AVG-2220 | webkit2gtk | 2.32.2-1 | 2.32.3-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
27 Jul 2021 | ASA-202107-68 | AVG-2221 | wpewebkit | High | multiple issues |
27 Jul 2021 | ASA-202107-67 | AVG-2220 | webkit2gtk | High | multiple issues |
References |
---|
https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-21779 https://talosintelligence.com/vulnerability_reports/TALOS-2021-1238 |