Webkitgtk

Webkitgtk

66 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2021-1870

Warnung
  • EPSS 1.15%
  • Veröffentlicht 02.04.2021 19:15:20
  • Zuletzt bearbeitet 23.10.2025 18:01:44

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code exe...

6.5

CVE-2021-1799

  • EPSS 0.17%
  • Veröffentlicht 02.04.2021 19:15:19
  • Zuletzt bearbeitet 21.11.2024 05:45:08

A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A ...

6.5

CVE-2021-1801

  • EPSS 0.42%
  • Veröffentlicht 02.04.2021 19:15:19
  • Zuletzt bearbeitet 21.11.2024 05:45:08

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted we...

8.8

CVE-2021-1789

Warnung
  • EPSS 0.25%
  • Veröffentlicht 02.04.2021 18:15:21
  • Zuletzt bearbeitet 23.10.2025 18:01:47

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Process...

6.5

CVE-2021-1765

  • EPSS 0.09%
  • Veröffentlicht 02.04.2021 18:15:20
  • Zuletzt bearbeitet 21.11.2024 05:45:03

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.

3.3

CVE-2020-29623

  • EPSS 0.03%
  • Veröffentlicht 02.04.2021 18:15:17
  • Zuletzt bearbeitet 21.11.2024 05:24:20

"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, ...

8.8

CVE-2020-13558

Exploit
  • EPSS 0.6%
  • Veröffentlicht 03.03.2021 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:01:29

A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.

8.8

CVE-2020-13584

Exploit
  • EPSS 1.36%
  • Veröffentlicht 03.12.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:01:33

An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site t...

8.8

CVE-2020-13543

Exploit
  • EPSS 1.5%
  • Veröffentlicht 03.12.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:01:27

A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a we...

10

CVE-2020-13753

  • EPSS 1.22%
  • Veröffentlicht 14.07.2020 14:15:17
  • Zuletzt bearbeitet 21.11.2024 05:01:46

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbo...