Security
Headlines
HeadlinesLatestCVEs

Headline

Debian Security Advisory 5341-1

Debian Linux Security Advisory 5341-1 - Multiple vulnerabilities have been discovered in the WebKitGTK web engine. Francisco Alonso discovered that processing maliciously crafted web content may lead to arbitrary code execution. YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae and Dohyun Lee discovered that processing maliciously crafted web content may lead to arbitrary code execution.

Packet Storm
#vulnerability#web#linux#debian#cisco#js#pdf#webkit
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5341-1                   [email protected]://www.debian.org/security/                           Alberto GarciaFebruary 06, 2023                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : wpewebkitCVE ID         : CVE-2022-42826 CVE-2023-23517 CVE-2023-23518The following vulnerabilities have been discovered in the WebKitGTKweb engine:CVE-2022-42826    Francisco Alonso discovered that processing maliciously crafted    web content may lead to arbitrary code execution.CVE-2023-23517    YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae    and Dohyun Lee discovered that processing maliciously crafted web    content may lead to arbitrary code execution.CVE-2023-23518    YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae    and Dohyun Lee discovered that processing maliciously crafted web    content may lead to arbitrary code execution.For the stable distribution (bullseye), these problems have been fixed inversion 2.38.4-1~deb11u1.We recommend that you upgrade your wpewebkit packages.For the detailed security status of wpewebkit please refer toits security tracker page at:https://security-tracker.debian.org/tracker/wpewebkitFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmPhHcsACgkQAAyEYu0C2AIS9xAAkj8s01WZ1BEJrdImERtEANtzX1khiwTM2loUEuzgSU10mTvkl1u5vP3fb2rXPRIBdH7rvdSKAHvfyHbCikvVx48noF6iyLfpqcNdReJ0erSSJzptyMDcuapmrCBP2Y+pnTkEPXQ3x79NtA4PNTEbQX9av54Hm/HRMeAc5XlYFm0dyTjjLu5kh0jFoqgoJkQLhZn13YOdiWpKwk8VbKmU4Wdj/kFHAxU4M/MzgqJj1Ep9DCaJv0NQNBdmyMVJn/o/c9dLn7wmoFb0Mi4nyD7M1ftdCpPg7RkCeNmBfUBejMKz2poFGtcC33Zk5hh9B9AF0joOt0fJGaIT21Lkh2hT3mjV2ayUzIgcNrFzs8gnL7M4ivc/C52HpjScz4E+rmfd6TrZwDYa8yTSMNOyAlb2Bwo5tj+6mtPPF62bh9ViZ3ShdU+g/stvP06oXdTdNwHGpDfERITvqQJQp4LEJmmlfWMzZdCnwqyQ4JbI5IE65h9FDNscoFUFAsVRUMjOg61L74d37/tpAfN51E2fjVSlvtHy/11E866T/6l9o1a/9OTm8fpJf0Bvsjuz8Osiu90Z7SCImbB5RP4V7liLklekQqOLjaf3n7JjcVvPO/SyDg9xjgHE+QozC41yb/FTR6QYlOYOxnteeeNMvA1+eZnxQyvvX6K07KrDtJzXs7SlKX8==Tfnd-----END PGP SIGNATURE-----

Related news

Gentoo Linux Security Advisory 202305-32

Gentoo Linux Security Advisory 202305-32 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in arbitrary code execution. Versions greater than or equal to 2.40.1 are affected.

Red Hat Security Advisory 2023-2834-01

Red Hat Security Advisory 2023-2834-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include buffer overflow, bypass, code execution, information leakage, out of bounds write, and use-after-free vulnerabilities.

RHSA-2023:2834: Red Hat Security Advisory: webkit2gtk3 security and bug fix update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32886: A vulnerability was found in webkitgtkm, where a buffer overflow issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. * CVE-2022-32888: A vulnerability was found in webkitgtk, where an out-of-bounds read was addressed with improved bounds checking. Processing mali...

Red Hat Security Advisory 2023-2256-01

Red Hat Security Advisory 2023-2256-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include buffer overflow, bypass, code execution, information leakage, out of bounds write, and use-after-free vulnerabilities.

RHSA-2023:2256: Red Hat Security Advisory: webkit2gtk3 security and bug fix update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32886: A vulnerability was found in webkitgtkm, where a buffer overflow issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. * CVE-2022-32888: A vulnerability was found in webkitgtk, where an out-of-bounds read was addressed with improved bounds checking. Processing mali...

CVE-2023-23512: About the security content of macOS Ventura 13.2

The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, iOS 16.3 and iPadOS 16.3, watchOS 9.3. Visiting a website may lead to an app denial-of-service.

Ubuntu Security Notice USN-5867-1

Ubuntu Security Notice 5867-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Debian Security Advisory 5340-1

Debian Linux Security Advisory 5340-1 - Multiple vulnerabilities have been discovered in the WebKitGTK web engine. Francisco Alonso discovered that processing maliciously crafted web content may lead to arbitrary code execution. YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae and Dohyun Lee discovered that processing maliciously crafted web content may lead to arbitrary code execution.

Apple Security Advisory 2023-01-24-1

Apple Security Advisory 2023-01-24-1 - tvOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.

Apple Security Advisory 2023-01-24-1

Apple Security Advisory 2023-01-24-1 - tvOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.

Apple Security Advisory 2023-01-23-8

Apple Security Advisory 2023-01-23-8 - Safari 16.3 addresses code execution vulnerabilities.

Apple Security Advisory 2023-01-23-8

Apple Security Advisory 2023-01-23-8 - Safari 16.3 addresses code execution vulnerabilities.

Apple Security Advisory 2023-01-23-7

Apple Security Advisory 2023-01-23-7 - watchOS 9.3 addresses bypass, code execution, and information leakage vulnerabilities.

Apple Security Advisory 2023-01-23-7

Apple Security Advisory 2023-01-23-7 - watchOS 9.3 addresses bypass, code execution, and information leakage vulnerabilities.

Apple Security Advisory 2023-01-23-6

Apple Security Advisory 2023-01-23-6 - macOS Big Sur 11.7.3 addresses buffer overflow, bypass, and code execution vulnerabilities.

Apple Security Advisory 2023-01-23-6

Apple Security Advisory 2023-01-23-6 - macOS Big Sur 11.7.3 addresses buffer overflow, bypass, and code execution vulnerabilities.

Apple Security Advisory 2023-01-23-5

Apple Security Advisory 2023-01-23-5 - macOS Monterey 12.6.3 addresses buffer overflow, bypass, code execution, and information leakage vulnerabilities.

Apple Security Advisory 2023-01-23-5

Apple Security Advisory 2023-01-23-5 - macOS Monterey 12.6.3 addresses buffer overflow, bypass, code execution, and information leakage vulnerabilities.

Apple Security Advisory 2023-01-23-4

Apple Security Advisory 2023-01-23-4 - macOS Ventura 13.2 addresses buffer overflow, bypass, code execution, information leakage, and use-after-free vulnerabilities.

Apple Security Advisory 2023-01-23-4

Apple Security Advisory 2023-01-23-4 - macOS Ventura 13.2 addresses buffer overflow, bypass, code execution, information leakage, and use-after-free vulnerabilities.

Apple Security Advisory 2023-01-23-1

Apple Security Advisory 2023-01-23-1 - iOS 16.3 and iPadOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.

Apple Security Advisory 2023-01-23-1

Apple Security Advisory 2023-01-23-1 - iOS 16.3 and iPadOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.

Packet Storm: Latest News

Zeek 6.0.9