Webkitgtk

Webkitgtk+

42 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2018-12911

  • EPSS 0.52%
  • Published 19.07.2018 13:29:00
  • Last modified 21.11.2024 03:46:05

WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.

8.8

CVE-2018-12293

  • EPSS 40.11%
  • Published 19.06.2018 21:29:00
  • Last modified 21.11.2024 03:44:54

The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer over...

6.5

CVE-2018-11713

  • EPSS 0.41%
  • Published 04.06.2018 14:29:00
  • Last modified 21.11.2024 03:43:52

WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections...

7.5

CVE-2018-11712

  • EPSS 0.23%
  • Published 04.06.2018 14:29:00
  • Last modified 21.11.2024 03:43:52

WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections.

7.5

CVE-2018-11646

Exploit
  • EPSS 75.35%
  • Published 01.06.2018 13:29:00
  • Last modified 21.11.2024 03:43:45

webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.

8.8

CVE-2018-4165

  • EPSS 0.58%
  • Published 03.04.2018 06:29:07
  • Last modified 21.11.2024 04:06:53

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves th...

8.8

CVE-2018-4163

  • EPSS 0.57%
  • Published 03.04.2018 06:29:07
  • Last modified 21.11.2024 04:06:53

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is...

8.8

CVE-2018-4162

  • EPSS 40.02%
  • Published 03.04.2018 06:29:07
  • Last modified 21.11.2024 04:06:53

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is...

6.5

CVE-2018-4146

  • EPSS 0.85%
  • Published 03.04.2018 06:29:06
  • Last modified 21.11.2024 04:06:51

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is...

6.1

CVE-2018-4133

  • EPSS 0.5%
  • Published 03.04.2018 06:29:06
  • Last modified 21.11.2024 04:06:49

An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a craft...