Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-5580-1:9E19A
HistoryDec 18, 2023 - 9:43 p.m.

[SECURITY] [DSA 5580-1] webkit2gtk security update

2023-12-1821:43:38
lists.debian.org
18
cve-2023-42883
debian
denial-of-service
security update
webkit2gtk

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

27.0%

JSON

Debian Security Advisory DSA-5580-1 [email protected]
https://www.debian.org/security/ Alberto Garcia
December 18, 2023 https://www.debian.org/security/faq

Package : webkit2gtk
CVE ID : CVE-2023-42883

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

CVE-2023-42883

The Zoom Offensive Security Team discovered that processing a SVG
image may lead to a denial-of-service.

For the oldstable distribution (bullseye), this problem has been fixed
in version 2.42.4-1~deb11u1.

For the stable distribution (bookworm), this problem has been fixed in
version 2.42.4-1~deb12u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian11ppc64ellibwebkit2gtk-4.0-37-dbgsym< 2.42.4-1~deb11u1libwebkit2gtk-4.0-37-dbgsym_2.42.4-1~deb11u1_ppc64el.deb
Debian12s390xlibjavascriptcoregtk-4.1-dev< 2.42.4-1~deb12u1libjavascriptcoregtk-4.1-dev_2.42.4-1~deb12u1_s390x.deb
Debian11amd64libjavascriptcoregtk-4.0-dev< 2.42.4-1~deb11u1libjavascriptcoregtk-4.0-dev_2.42.4-1~deb11u1_amd64.deb
Debian12armhflibjavascriptcoregtk-4.1-dev< 2.42.4-1~deb12u1libjavascriptcoregtk-4.1-dev_2.42.4-1~deb12u1_armhf.deb
Debian12i386webkit2gtk-driver< 2.42.4-1~deb12u1webkit2gtk-driver_2.42.4-1~deb12u1_i386.deb
Debian12amd64libjavascriptcoregtk-4.1-dev< 2.42.4-1~deb12u1libjavascriptcoregtk-4.1-dev_2.42.4-1~deb12u1_amd64.deb
Debian11amd64libwebkit2gtk-4.0-37-dbgsym< 2.42.4-1~deb11u1libwebkit2gtk-4.0-37-dbgsym_2.42.4-1~deb11u1_amd64.deb
Debian12ppc64ellibjavascriptcoregtk-4.0-dev< 2.42.4-1~deb12u1libjavascriptcoregtk-4.0-dev_2.42.4-1~deb12u1_ppc64el.deb
Debian12armhflibjavascriptcoregtk-4.1-0-dbgsym< 2.42.4-1~deb12u1libjavascriptcoregtk-4.1-0-dbgsym_2.42.4-1~deb12u1_armhf.deb
Debian11i386webkit2gtk-driver-dbgsym< 2.42.4-1~deb11u1webkit2gtk-driver-dbgsym_2.42.4-1~deb11u1_i386.deb
Rows per page:
1-10 of 3241

Related

openvas 10
osv 6
nessus 15
redhatcve 1
ubuntucve 1
cvelist 1
cve 1
nvd 1
prion 1
ubuntu 1
debiancve 1
amazon 1
apple 8
thn 1
oraclelinux 2
redhat 4
rocky 1
almalinux 2
mageia 1
openvas
openvas
Ubuntu: Security Advisory (USN-6582-1)
2024-01-16 00:00:00
Debian: Security Advisory (DSA-5580-1)
2023-12-20 00:00:00
Apple Safari Security Update (HT214039)
2023-12-14 00:00:00
osv
osv
webkit2gtk - security update
2023-12-18 00:00:00
webkit2gtk vulnerability
2024-01-15 13:52:06
CVE-2023-42883
2023-12-12 01:15:11
nessus
nessus
Ubuntu 22.04 LTS / 23.04 / 23.10 : WebKitGTK vulnerability (USN-6582-1)
2024-01-15 00:00:00
Debian DSA-5580-1 : webkit2gtk - security update
2023-12-19 00:00:00
Amazon Linux 2 : webkitgtk4 (ALAS-2024-2425)
2024-01-23 00:00:00
redhatcve
redhatcve
CVE-2023-42883
2023-12-13 11:30:53
ubuntucve
ubuntucve
CVE-2023-42883
2024-01-03 00:00:00
cvelist
cvelist
CVE-2023-42883
2023-12-12 00:27:16
cve
cve
CVE-2023-42883
2023-12-12 01:15:11
nvd
nvd
CVE-2023-42883
2023-12-12 01:15:11
prion
prion
Design/Logic Flaw
2023-12-12 01:15:00
ubuntu
ubuntu
WebKitGTK vulnerability
2024-01-15 00:00:00
debiancve
debiancve
CVE-2023-42883
2023-12-12 01:15:11
amazon
amazon
Important: webkitgtk4
2024-01-19 01:51:00
apple
apple
About the security content of Safari 17.2
2023-12-11 00:00:00
About the security content of iOS 16.7.3 and iPadOS 16.7.3
2023-12-11 00:00:00
About the security content of iOS 16.7.3 and iPadOS 16.7.3
2023-12-11 00:00:00
thn
thn
Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
2023-12-12 06:44:00
oraclelinux
oraclelinux
webkit2gtk3 security update
2024-05-02 00:00:00
webkit2gtk3 security update
2024-05-23 00:00:00
redhat
redhat
(RHSA-2024:2126) Important: webkit2gtk3 security update
2024-04-30 06:14:49
(RHSA-2024:2982) Important: webkit2gtk3 security update
2024-05-22 06:35:16
(RHSA-2024:3790) Moderate: OpenShift API for Data Protection (OADP) 1.3.2 security and bug fix update
2024-06-11 02:31:21
rocky
rocky
webkit2gtk3 security update
2024-06-14 13:59:30
almalinux
almalinux
Important: webkit2gtk3 security update
2024-05-22 00:00:00
Important: webkit2gtk3 security update
2024-04-30 00:00:00
mageia
mageia
Updated webkit2 packages fix security vulnerabilities
2024-04-26 09:47:12

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

27.0%

JSON
Related for DEBIAN:DSA-5580-1:9E19A
openvas10osv6nessus15redhatcve1ubuntucve1cvelist1cve1nvd1prion1ubuntu1debiancve1amazon1apple8thn1oraclelinux2redhat4rocky1almalinux2mageia1