Webkitgtk

Webkitgtk+

42 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2018-12911

  • EPSS 0.52%
  • Veröffentlicht 19.07.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:05

WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.

8.8

CVE-2018-12293

  • EPSS 40.11%
  • Veröffentlicht 19.06.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:54

The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer over...

6.5

CVE-2018-11713

  • EPSS 0.41%
  • Veröffentlicht 04.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:52

WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections...

7.5

CVE-2018-11712

  • EPSS 0.23%
  • Veröffentlicht 04.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:52

WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections.

7.5

CVE-2018-11646

Exploit
  • EPSS 75.35%
  • Veröffentlicht 01.06.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:45

webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.

8.8

CVE-2018-4165

  • EPSS 0.58%
  • Veröffentlicht 03.04.2018 06:29:07
  • Zuletzt bearbeitet 21.11.2024 04:06:53

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves th...

8.8

CVE-2018-4163

  • EPSS 0.57%
  • Veröffentlicht 03.04.2018 06:29:07
  • Zuletzt bearbeitet 21.11.2024 04:06:53

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is...

8.8

CVE-2018-4162

  • EPSS 40.02%
  • Veröffentlicht 03.04.2018 06:29:07
  • Zuletzt bearbeitet 21.11.2024 04:06:53

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is...

6.5

CVE-2018-4146

  • EPSS 0.85%
  • Veröffentlicht 03.04.2018 06:29:06
  • Zuletzt bearbeitet 21.11.2024 04:06:51

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is...

6.1

CVE-2018-4133

  • EPSS 0.5%
  • Veröffentlicht 03.04.2018 06:29:06
  • Zuletzt bearbeitet 21.11.2024 04:06:49

An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a craft...