Lucene search
UbuntuUSN-5394-1HistoryApr 28, 2022 - 12:00 a.m.
WebKitGTK vulnerabilities
2022-04-2800:00:00
ubuntu.com
74
ubuntu
webkit2gtk
web browser security
remote attacker
cross-site scripting
denial of service
arbitrary code execution
javascript
unix
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0.004
Percentile
72.9%
Releases
- Ubuntu 21.10
- Ubuntu 20.04 LTS
Packages
- webkit2gtk - Web content engine library for GTK+
Details
A large number of security issues were discovered in the WebKitGTK Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 21.10 | noarch | libwebkit2gtk-4.0-37 | < 2.36.0-0ubuntu0.21.10.3 | UNKNOWN |
| Ubuntu | 21.10 | noarch | gir1.2-javascriptcoregtk-4.0 | < 2.36.0-0ubuntu0.21.10.3 | UNKNOWN |
| Ubuntu | 21.10 | noarch | gir1.2-webkit2-4.0 | < 2.36.0-0ubuntu0.21.10.3 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libjavascriptcoregtk-4.0-18 | < 2.36.0-0ubuntu0.21.10.3 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libjavascriptcoregtk-4.0-18-dbgsym | < 2.36.0-0ubuntu0.21.10.3 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libjavascriptcoregtk-4.0-bin | < 2.36.0-0ubuntu0.21.10.3 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libjavascriptcoregtk-4.0-bin-dbgsym | < 2.36.0-0ubuntu0.21.10.3 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libjavascriptcoregtk-4.0-dev | < 2.36.0-0ubuntu0.21.10.3 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libwebkit2gtk-4.0-37-dbgsym | < 2.36.0-0ubuntu0.21.10.3 | UNKNOWN |
| Ubuntu | 21.10 | noarch | libwebkit2gtk-4.0-dev | < 2.36.0-0ubuntu0.21.10.3 | UNKNOWN |
Related
mageia
mageia
Updated webkit2 packages fix security vulnerability
2022-04-13 19:06:19
osv
osv
webkit2gtk vulnerabilities
2022-04-28 12:40:40
wpewebkit - security update
2022-04-08 00:00:00
webkit2gtk - security update
2022-04-08 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : WebKitGTK vulnerabilities (USN-5394-1)
2022-04-28 00:00:00
SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:1431-1)
2022-04-28 00:00:00
SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:1511-1)
2022-05-04 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0139)
2022-04-14 00:00:00
Ubuntu: Security Advisory (USN-5394-1)
2022-04-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1511-1)
2022-05-03 00:00:00
debian
debian
[SECURITY] [DSA 5115-1] webkit2gtk security update
2022-04-08 23:36:49
[SECURITY] [DSA 5116-1] wpewebkit security update
2022-04-08 23:37:04
suse
suse
Security update for webkit2gtk3 (important)
2022-04-27 00:00:00
apple
apple
About the security content of Safari 15.4
2022-03-15 00:00:00
About the security content of tvOS 15.4
2022-03-14 00:00:00
About the security content of iTunes 12.12.3 for Windows
2022-03-08 00:00:00
zdi
zdi
redhatcve
redhatcve
prion
prion
Design/Logic Flaw
2022-09-23 19:15:00
Design/Logic Flaw
2022-09-23 19:15:00
Buffer overflow
2022-09-23 20:15:00
ubuntucve
ubuntucve
cve
cve
alpinelinux
alpinelinux
debiancve
debiancve
nvd
nvd
cvelist
cvelist
veracode
veracode
Use-After-Free
2022-04-18 18:41:48
Privilege Escalation
2022-04-18 18:36:23
Buffer Overflow
2022-04-18 18:41:58
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Apple Itunes
2022-09-09 17:21:27
rocky
rocky
webkit2gtk3 security and bug fix update
2022-11-08 06:26:46
webkit2gtk3 security and bug fix update
2022-11-15 06:14:22
webkit2gtk3 security, bug fix, and enhancement update
2022-05-10 06:24:27
almalinux
almalinux
Moderate: webkit2gtk3 security and bug fix update
2022-11-15 00:00:00
Moderate: webkit2gtk3 security and bug fix update
2022-11-08 00:00:00
Moderate: webkit2gtk3 security, bug fix, and enhancement update
2022-05-10 06:24:27
oraclelinux
oraclelinux
webkit2gtk3 security and bug fix update
2022-11-15 00:00:00
webkit2gtk3 security and bug fix update
2022-11-22 00:00:00
webkit2gtk3 security, bug fix, and enhancement update
2022-05-17 00:00:00
redhat
redhat
(RHSA-2022:7704) Moderate: webkit2gtk3 security and bug fix update
2022-11-08 06:26:46
(RHSA-2022:8054) Moderate: webkit2gtk3 security and bug fix update
2022-11-15 06:14:22
(RHSA-2023:0918) Moderate: Service Binding Operator security update
2023-02-27 00:54:13
kaspersky
kaspersky
KLA12486 Multiple vulnerabilities in Apple iTunes
2022-03-08 00:00:00
gentoo
gentoo
WebKitGTK+: Multiple Vulnerabilities
2022-08-31 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0.004
Percentile
72.9%
Related for USN-5394-1