CVE-2023-42875 log
| Source |
|
| Severity | High |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | Processing malicious web content can cause a use-after-free issue due to improper memory handling and result in arbitrary code execution. The issue was addressed with improved memory handling. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2870 | wpewebkit | 2.42.0-1 | 2.48.2-1 | High | Fixed | |
| AVG-2869 | webkit2gtk | 2.42.0-1 | 2.48.2-1 | High | Fixed | |
| AVG-2868 | webkit2gtk-4.1 | 2.42.0-1 | 2.48.2-1 | High | Fixed | |
| AVG-2867 | webkitgtk-6.0 | 2.42.0-1 | 2.48.2-1 | High | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 18 May 2025 | ASA-202505-5 | AVG-2867 | webkitgtk-6.0 | High | arbitrary code execution |
| 18 May 2025 | ASA-202505-4 | AVG-2868 | webkit2gtk-4.1 | High | arbitrary code execution |
| 18 May 2025 | ASA-202505-3 | AVG-2869 | webkit2gtk | High | arbitrary code execution |
| 18 May 2025 | ASA-202505-2 | AVG-2870 | wpewebkit | High | arbitrary code execution |
| References |
|---|
https://webkitgtk.org/security/WSA-2025-0004.html#CVE-2023-42875 https://wpewebkit.org/security/WSA-2025-0004.html#CVE-2023-42875 |