Webkitgtk

Webkitgtk

63 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2021-45483

Exploit
  • EPSS 0.03%
  • Veröffentlicht 25.12.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 06:32:18

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.

6.5

CVE-2021-45482

Exploit
  • EPSS 0.03%
  • Veröffentlicht 25.12.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 06:32:18

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.

6.5

CVE-2021-45481

Exploit
  • EPSS 0.03%
  • Veröffentlicht 25.12.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 06:32:18

In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.

5.3

CVE-2021-42762

Exploit
  • EPSS 0.01%
  • Veröffentlicht 20.10.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:28:07

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that ...

8.8

CVE-2021-21806

Exploit
  • EPSS 1.6%
  • Veröffentlicht 08.07.2021 12:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:00

An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to ...

8.8

CVE-2021-21779

Exploit
  • EPSS 0.51%
  • Veröffentlicht 08.07.2021 12:15:09
  • Zuletzt bearbeitet 21.11.2024 05:48:57

A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into v...

8

CVE-2021-21775

Exploit
  • EPSS 0.63%
  • Veröffentlicht 07.07.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 05:48:56

A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger...

9.8

CVE-2021-1870

Warnung
  • EPSS 0.41%
  • Veröffentlicht 02.04.2021 19:15:20
  • Zuletzt bearbeitet 28.02.2025 14:44:48

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code exe...

6.5

CVE-2021-1801

  • EPSS 0.27%
  • Veröffentlicht 02.04.2021 19:15:19
  • Zuletzt bearbeitet 21.11.2024 05:45:08

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted we...

6.5

CVE-2021-1799

  • EPSS 0.17%
  • Veröffentlicht 02.04.2021 19:15:19
  • Zuletzt bearbeitet 21.11.2024 05:45:08

A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A ...