Webkitgtk

Webkitgtk

66 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2022-2294

Warnung
  • EPSS 1.26%
  • Veröffentlicht 28.07.2022 02:15:07
  • Zuletzt bearbeitet 24.10.2025 14:09:38

Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

7.5

CVE-2022-30293

Exploit
  • EPSS 0.16%
  • Veröffentlicht 06.05.2022 05:15:07
  • Zuletzt bearbeitet 21.11.2024 07:02:31

In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.

8.8

CVE-2022-22590

  • EPSS 0.47%
  • Veröffentlicht 18.03.2022 18:15:12
  • Zuletzt bearbeitet 21.11.2024 06:47:04

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code exe...

6.5

CVE-2021-45483

Exploit
  • EPSS 0.03%
  • Veröffentlicht 25.12.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 06:32:18

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.

6.5

CVE-2021-45481

Exploit
  • EPSS 0.03%
  • Veröffentlicht 25.12.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 06:32:18

In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.

6.5

CVE-2021-45482

Exploit
  • EPSS 0.03%
  • Veröffentlicht 25.12.2021 01:15:08
  • Zuletzt bearbeitet 21.11.2024 06:32:18

In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.

5.3

CVE-2021-42762

Exploit
  • EPSS 0.01%
  • Veröffentlicht 20.10.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:28:07

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that ...

8.8

CVE-2021-21806

Exploit
  • EPSS 2.07%
  • Veröffentlicht 08.07.2021 12:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:00

An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to ...

8.8

CVE-2021-21779

Exploit
  • EPSS 0.51%
  • Veröffentlicht 08.07.2021 12:15:09
  • Zuletzt bearbeitet 21.11.2024 05:48:57

A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into v...

8

CVE-2021-21775

Exploit
  • EPSS 0.63%
  • Veröffentlicht 07.07.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 05:48:56

A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger...