Lucene search
Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-6289-1.NASLHistoryAug 15, 2023 - 12:00 a.m.
Ubuntu 22.04 LTS / 23.04 : WebKitGTK vulnerabilities (USN-6289-1)
2023-08-1500:00:00
Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
ubuntu 22.04
ubuntu 23.04
webkitgtk
vulnerabilities
ios 15.7.8
ipados 15.7.8
ios 16.6
ipados 16.6
tvos 16.6
macos ventura 13.5
safari 16.6
watchos 9.6
cve-2023-38133
cve-2023-38572
cve-2023-38592
cve-2023-38594
cve-2023-38595
cve-2023-38600
cve-2023-38597
cve-2023-38599
cve-2023-38611
nessus
self-reported version.
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
58.5%
The remote Ubuntu 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6289-1 advisory.
-
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may disclose sensitive information. (CVE-2023-38133)
-
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy. (CVE-2023-38572)
-
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution.
(CVE-2023-38592) -
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. (CVE-2023-38594)
-
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.
(CVE-2023-38595, CVE-2023-38600) -
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, Safari 16.6. Processing web content may lead to arbitrary code execution. (CVE-2023-38597)
-
A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information. (CVE-2023-38599)
-
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. (CVE-2023-38611)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-6289-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##
include('compat.inc');
if (description)
{
script_id(179880);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/08/15");
script_cve_id(
"CVE-2023-38133",
"CVE-2023-38572",
"CVE-2023-38592",
"CVE-2023-38594",
"CVE-2023-38595",
"CVE-2023-38597",
"CVE-2023-38599",
"CVE-2023-38600",
"CVE-2023-38611"
);
script_xref(name:"USN", value:"6289-1");
script_name(english:"Ubuntu 22.04 LTS / 23.04 : WebKitGTK vulnerabilities (USN-6289-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Ubuntu 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as
referenced in the USN-6289-1 advisory.
- The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS
16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may
disclose sensitive information. (CVE-2023-38133)
- The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS
16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to
bypass Same Origin Policy. (CVE-2023-38572)
- A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6,
watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution.
(CVE-2023-38592)
- The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS
16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may
lead to arbitrary code execution. (CVE-2023-38594)
- The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6,
macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution.
(CVE-2023-38595, CVE-2023-38600)
- The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS
16.6 and iPadOS 16.6, macOS Ventura 13.5, Safari 16.6. Processing web content may lead to arbitrary code
execution. (CVE-2023-38597)
- A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS
9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may
be able to track sensitive user information. (CVE-2023-38599)
- The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6,
tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code
execution. (CVE-2023-38611)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-6289-1");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-38611");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/07/27");
script_set_attribute(attribute:"patch_publication_date", value:"2023/08/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/08/15");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:23.04");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-6.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit-6.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-18");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-bin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.1-0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.1-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-6.0-1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-6.0-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.1-0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.1-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwebkitgtk-6.0-4");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libwebkitgtk-6.0-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:webkit2gtk-driver");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('22.04' >< os_release || '23.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 22.04 / 23.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
var pkgs = [
{'osver': '22.04', 'pkgname': 'gir1.2-javascriptcoregtk-4.0', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'gir1.2-javascriptcoregtk-4.1', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'gir1.2-javascriptcoregtk-6.0', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'gir1.2-webkit-6.0', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'gir1.2-webkit2-4.0', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'gir1.2-webkit2-4.1', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-4.0-18', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-4.0-bin', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-4.0-dev', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-4.1-0', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-4.1-dev', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-6.0-1', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libjavascriptcoregtk-6.0-dev', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libwebkit2gtk-4.0-37', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libwebkit2gtk-4.0-dev', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libwebkit2gtk-4.1-0', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libwebkit2gtk-4.1-dev', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libwebkitgtk-6.0-4', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'libwebkitgtk-6.0-dev', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '22.04', 'pkgname': 'webkit2gtk-driver', 'pkgver': '2.40.5-0ubuntu0.22.04.1'},
{'osver': '23.04', 'pkgname': 'gir1.2-javascriptcoregtk-4.0', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'gir1.2-javascriptcoregtk-4.1', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'gir1.2-javascriptcoregtk-6.0', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'gir1.2-webkit-6.0', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'gir1.2-webkit2-4.0', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'gir1.2-webkit2-4.1', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libjavascriptcoregtk-4.0-18', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libjavascriptcoregtk-4.0-bin', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libjavascriptcoregtk-4.0-dev', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libjavascriptcoregtk-4.1-0', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libjavascriptcoregtk-4.1-dev', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libjavascriptcoregtk-6.0-1', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libjavascriptcoregtk-6.0-dev', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libwebkit2gtk-4.0-37', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libwebkit2gtk-4.0-dev', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libwebkit2gtk-4.1-0', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libwebkit2gtk-4.1-dev', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libwebkitgtk-6.0-4', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'libwebkitgtk-6.0-dev', 'pkgver': '2.40.5-0ubuntu0.23.04.1'},
{'osver': '23.04', 'pkgname': 'webkit2gtk-driver', 'pkgver': '2.40.5-0ubuntu0.23.04.1'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gir1.2-javascriptcoregtk-4.0 / gir1.2-javascriptcoregtk-4.1 / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | 22.04 | cpe:/o:canonical:ubuntu_linux:22.04:-:lts |
| canonical | ubuntu_linux | 23.04 | cpe:/o:canonical:ubuntu_linux:23.04 |
| canonical | ubuntu_linux | gir1.2-javascriptcoregtk-4.0 | p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.0 |
| canonical | ubuntu_linux | gir1.2-javascriptcoregtk-4.1 | p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-4.1 |
| canonical | ubuntu_linux | gir1.2-javascriptcoregtk-6.0 | p-cpe:/a:canonical:ubuntu_linux:gir1.2-javascriptcoregtk-6.0 |
| canonical | ubuntu_linux | gir1.2-webkit-6.0 | p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit-6.0 |
| canonical | ubuntu_linux | gir1.2-webkit2-4.0 | p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.0 |
| canonical | ubuntu_linux | gir1.2-webkit2-4.1 | p-cpe:/a:canonical:ubuntu_linux:gir1.2-webkit2-4.1 |
| canonical | ubuntu_linux | libjavascriptcoregtk-4.0-18 | p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-18 |
| canonical | ubuntu_linux | libjavascriptcoregtk-4.0-bin | p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-bin |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38133
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38572
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38592
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38594
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38595
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38597
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38599
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38600
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38611
ubuntu.com/security/notices/USN-6289-1
Related
debian
debian
[SECURITY] [DSA 5468-1] webkit2gtk security update
2023-08-05 18:13:07
osv
osv
webkit2gtk vulnerabilities
2023-08-15 15:17:22
webkit2gtk - security update
2023-08-05 00:00:00
Important: webkit2gtk3 security and bug fix update
2023-11-14 00:00:00
nessus
nessus
Fedora 38 : webkitgtk (2023-a479289864)
2023-08-04 00:00:00
Debian DSA-5468-1 : webkit2gtk - security update
2023-08-07 00:00:00
Fedora 37 : webkitgtk (2023-19754c5a93)
2023-08-18 00:00:00
openvas
openvas
Fedora: Security Advisory for webkitgtk (FEDORA-2023-19754c5a93)
2023-08-18 00:00:00
Fedora: Security Advisory for webkitgtk (FEDORA-2023-a479289864)
2023-08-05 00:00:00
Ubuntu: Security Advisory (USN-6289-1)
2023-08-16 00:00:00
ubuntu
ubuntu
WebKitGTK vulnerabilities
2023-08-15 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: webkitgtk-2.40.5-1.fc38
2023-08-04 01:30:00
[SECURITY] Fedora 37 Update: webkitgtk-2.40.5-1.fc37
2023-08-18 00:42:15
apple
apple
About the security content of Safari 16.6
2023-07-24 00:00:00
About the security content of tvOS 16.6
2023-07-24 00:00:00
About the security content of watchOS 9.6
2023-07-24 00:00:00
amazon
amazon
Important: webkitgtk4
2023-09-27 22:48:00
almalinux
almalinux
Important: webkit2gtk3 security and bug fix update
2023-11-14 00:00:00
Important: webkit2gtk3 security and bug fix update
2023-11-07 00:00:00
oraclelinux
oraclelinux
webkit2gtk3 security and bug fix update
2023-11-11 00:00:00
webkit2gtk3 security and bug fix update
2023-11-17 00:00:00
gentoo
gentoo
WebKitGTK+: Multiple Vulnerabilities
2024-01-05 00:00:00
redhat
redhat
(RHSA-2023:7055) Important: webkit2gtk3 security and bug fix update
2023-11-14 08:44:13
(RHSA-2023:6535) Important: webkit2gtk3 security and bug fix update
2023-11-07 06:07:56
prion
prion
Code injection
2023-07-28 05:15:00
Design/Logic Flaw
2023-07-27 01:15:00
Code injection
2023-07-27 01:15:00
ubuntucve
ubuntucve
cvelist
cvelist
redhatcve
redhatcve
cve
cve
nvd
nvd
zdi
zdi
mageia
mageia
Updated webkit2 packages fix security vulnerabilities
2024-04-26 09:47:12
debiancve
debiancve
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
58.5%
Related for UBUNTU_USN-6289-1.NASL