Lucene search
UbuntuUSN-6631-1HistoryFeb 12, 2024 - 12:00 a.m.
WebKitGTK vulnerabilities
2024-02-1200:00:00
ubuntu.com
23
ubuntu 23.10
ubuntu 22.04 lts
webkit2gtk
web content engine
security issues
web browser
cross-site scripting
denial of service
arbitrary code execution
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0.001
Percentile
47.1%
Releases
- Ubuntu 23.10
- Ubuntu 22.04 LTS
Packages
- webkit2gtk - Web content engine library for GTK+
Details
Several security issues were discovered in the WebKitGTK Web and JavaScript
engines. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 23.10 | noarch | libjavascriptcoregtk-4.0-18 | <Β 2.42.5-0ubuntu0.23.10.2 | UNKNOWN |
| Ubuntu | 23.10 | noarch | gir1.2-javascriptcoregtk-4.0 | <Β 2.42.5-0ubuntu0.23.10.2 | UNKNOWN |
| Ubuntu | 23.10 | noarch | gir1.2-javascriptcoregtk-4.1 | <Β 2.42.5-0ubuntu0.23.10.2 | UNKNOWN |
| Ubuntu | 23.10 | noarch | gir1.2-javascriptcoregtk-6.0 | <Β 2.42.5-0ubuntu0.23.10.2 | UNKNOWN |
| Ubuntu | 23.10 | noarch | gir1.2-webkit-6.0 | <Β 2.42.5-0ubuntu0.23.10.2 | UNKNOWN |
| Ubuntu | 23.10 | noarch | gir1.2-webkit2-4.0 | <Β 2.42.5-0ubuntu0.23.10.2 | UNKNOWN |
| Ubuntu | 23.10 | noarch | gir1.2-webkit2-4.1 | <Β 2.42.5-0ubuntu0.23.10.2 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libjavascriptcoregtk-4.0-18-dbgsym | <Β 2.42.5-0ubuntu0.23.10.2 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libjavascriptcoregtk-4.0-bin | <Β 2.42.5-0ubuntu0.23.10.2 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libjavascriptcoregtk-4.0-bin-dbgsym | <Β 2.42.5-0ubuntu0.23.10.2 | UNKNOWN |
Related
osv
osv
webkit2gtk vulnerabilities
2024-02-12 13:07:31
webkit2gtk - security update
2024-02-08 00:00:00
CVE-2024-23213
2024-01-23 01:15:11
openvas
openvas
Ubuntu: Security Advisory (USN-6631-1)
2024-02-13 00:00:00
Fedora: Security Advisory (FEDORA-2024-97faaca23d)
2024-02-09 00:00:00
Fedora: Security Advisory for webkitgtk (FEDORA-2024-ca3f071aea)
2024-02-12 00:00:00
nessus
nessus
Ubuntu 22.04 LTS / 23.10 : WebKitGTK vulnerabilities (USN-6631-1)
2024-02-12 00:00:00
Debian dsa-5618 : gir1.2-javascriptcoregtk-4.0 - security update
2024-02-09 00:00:00
Fedora 39 : webkitgtk (2024-97faaca23d)
2024-02-08 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: webkitgtk-2.42.5-1.fc39
2024-02-09 01:27:52
[SECURITY] Fedora 38 Update: webkitgtk-2.42.5-1.fc38
2024-02-11 05:40:11
debian
debian
[SECURITY] [DSA 5618-1] webkit2gtk security update
2024-02-08 23:24:14
apple
apple
About the security content of Safari 17.3
2024-01-22 00:00:00
About the security content of iOS 16.7.5 and iPadOS 16.7.5
2024-01-22 00:00:00
About the security content of visionOS 1.0.2
2024-01-31 00:00:00
prion
prion
Code injection
2024-01-23 01:15:00
Design/Logic Flaw
2024-01-23 01:15:00
Type confusion
2024-01-23 01:15:00
cve
cve
cvelist
cvelist
debiancve
debiancve
redhatcve
redhatcve
nvd
nvd
ubuntucve
ubuntucve
amazon
amazon
Important: webkitgtk4
2024-02-15 03:52:00
Important: webkitgtk4
2024-02-01 19:57:00
cisa_kev
cisa_kev
Apple Multiple Products WebKit Type Confusion Vulnerability
2024-01-23 00:00:00
malwarebytes
malwarebytes
Update now! Apple releases patch for zero-day vulnerability
2024-01-24 10:37:20
hivepro
hivepro
Apple Fixes First Actively Exploited Zero-day of 2024
2024-01-24 08:44:14
attackerkb
attackerkb
CVE-2024-23222
2024-01-23 00:00:00
talosblog
talosblog
Spyware isnβt going anywhere, and neither are its tactics
2024-02-08 19:00:53
Why is the cost of cyber insurance rising?
2024-01-25 19:00:35
gentoo
gentoo
WebKitGTK+: Multiple Vulnerabilities
2024-07-05 00:00:00
almalinux
almalinux
Important: webkit2gtk3 security update
2024-04-30 00:00:00
Important: webkit2gtk3 security update
2024-05-22 00:00:00
oraclelinux
oraclelinux
webkit2gtk3 security update
2024-05-23 00:00:00
webkit2gtk3 security update
2024-05-02 00:00:00
redhat
redhat
(RHSA-2024:2126) Important: webkit2gtk3 security update
2024-04-30 06:14:49
(RHSA-2024:2982) Important: webkit2gtk3 security update
2024-05-22 06:35:16
(RHSA-2023:4201) Important: webkit2gtk3 security update
2023-07-18 14:24:50
rocky
rocky
webkit2gtk3 security update
2024-06-14 13:59:30
thn
thn
Apple Issues Patch for Critical Zero-Day in iPhones, Macs - Update Now
2024-01-23 01:30:00
CISA Warns of Active Exploitation Apple iOS and macOS Vulnerability
2024-02-01 05:02:00
Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws
2024-03-06 05:54:00
mageia
mageia
Updated webkit2 packages fix security vulnerabilities
2024-04-26 09:47:12
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0.001
Percentile
47.1%
Related for USN-6631-1