cvebase

Debian Webkit2Gtk vulnerabilities

678 known vulnerabilities affecting debian/webkit2gtk.

Total CVEs: 678
CISA KEV: 38 (actively exploited)
Public exploits: 113
Exploited in wild: 53
Severity breakdown: CRITICAL 14, HIGH 239, MEDIUM 150, LOW 275

Vulnerabilities

Page 1 of 34
CVE-2023-41993 | P1 | HIGH | CVSS 8.8 | KEV | PoC | fixed in webkit2gtk 2.42.1-1~deb12u1 (bookworm) | 2023
[HIGH] webkit2gtk - The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Scope: local bookworm: resolved (fixed in 2.42.1-1~deb12u1) bullseye: resolved (fixed in 2.42.1-1~deb
debian
CVE-2025-14174 | P1 | LOW | CVSS 8.8 | KEV | PoC | fixed in webkit2gtk 2.50.4-1~deb12u1 (bookworm) | 2025
[HIGH] chromium - Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2023-28205 | P1 | HIGH | CVSS 8.8 | KEV | PoC | fixed in webkit2gtk 2.40.1-1 (bookworm) | 2023
[HIGH] webkit2gtk - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Scope: local book
debian
CVE-2025-24201 | P1 | CRITICAL | CVSS 10.0 | KEV | PoC | fixed in chromium 134.0.6998.88-1~deb12u1 (bookworm) | 2025
[CRITICAL] chromium - An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4. Maliciously crafted web content may be able to break out of Web Conte
debian
CVE-2019-8506 | P1 | HIGH | CVSS 8.8 | KEV | PoC | fixed in webkit2gtk 2.24.1-1 (bookworm) | 2019
[HIGH] webkit2gtk - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.24.1-1) bullseye: resolved (fixed in 2.24.1-1) forky
debian
CVE-2025-43529 | P1 | HIGH | CVSS 8.8 | KEV | PoC | fixed in webkit2gtk 2.50.4-1~deb12u1 (bookworm) | 2025
[HIGH] webkit2gtk - A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploit
debian
CVE-2022-22620 | P1 | HIGH | CVSS 8.8 | KEV | PoC | fixed in webkit2gtk 2.34.6-1 (bookworm) | 2022
[HIGH] webkit2gtk - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Scope: loc
debian
CVE-2021-30858 | P1 | HIGH | CVSS 8.8 | KEV | PoC | fixed in webkit2gtk 2.32.4-1 (bookworm) | 2021
[HIGH] webkit2gtk - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Scope: local bookworm: resolved (fixed in 2.32.4-1) bullseye: resolv
debian
CVE-2024-23222 | P1 | HIGH | CVSS 8.8 | KEV | PoC | fixed in webkit2gtk 2.42.5-1~deb12u1 (bookworm) | 2024
[HIGH] webkit2gtk - A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, visionOS 1.0.2. Processing maliciously crafted web content may lead to arbitrary code execution. This fix ass
debian
CVE-2024-44308 | P1 | HIGH | CVSS 8.8 | KEV | PoC | fixed in webkit2gtk 2.46.4-1~deb12u1 (bookworm) | 2024
[HIGH] webkit2gtk - The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems
debian
CVE-2025-6558 | P1 | HIGH | CVSS 8.8 | KEV | PoC | fixed in chromium 138.0.7204.157-1~deb12u1 (bookworm) | 2025
[HIGH] chromium - Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 138.0.7204.157-1~deb12u1) bullseye: open forky: resolved (fixed in 138.0.7204.157-1) sid: resolved (
debian
CVE-2022-2294 | P1 | HIGH | CVSS 8.8 | KEV | Ransomware | fixed in chromium 103.0.5060.114-1 (bookworm) | 2022
[HIGH] chromium - Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 103.0.5060.114-1) bullseye: resolved (fixed in 103.0.5060.114-1~deb11u1) forky: resolved (fixed in 103.0.5060.114-1) sid: resolved (fixed in 103.0.5060.114-1) trixie
debian
CVE-2023-32439 | P1 | HIGH | CVSS 8.8 | KEV | fixed in webkit2gtk 2.40.3-2~deb12u1 (bookworm) | 2023
[HIGH] webkit2gtk - A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Scope: local bookworm: resol
debian
CVE-2023-37450 | P1 | HIGH | CVSS 8.8 | KEV | fixed in webkit2gtk 2.40.3-2~deb12u2 (bookworm) | 2023
[HIGH] webkit2gtk - The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Scope: local bookworm: resolved (fixed in 2.40.3-2~deb12u2) bullseye: res
debian
CVE-2023-32435 | P1 | HIGH | CVSS 8.8 | KEV | fixed in webkit2gtk 2.40.0-1 (bookworm) | 2023
[HIGH] webkit2gtk - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS
debian
CVE-2023-32373 | P1 | HIGH | CVSS 8.8 | KEV | fixed in webkit2gtk 2.40.2-1~deb12u1 (bookworm) | 2023
[HIGH] webkit2gtk - A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. S
debian
CVE-2022-32893 | P1 | HIGH | CVSS 8.8 | KEV | fixed in webkit2gtk 2.36.7-1 (bookworm) | 2022
[HIGH] webkit2gtk - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Scope: local bookworm: resolved (fixed in
debian
CVE-2022-42856 | P1 | HIGH | CVSS 8.8 | KEV | fixed in webkit2gtk 2.38.3-1 (bookworm) | 2022
[HIGH] webkit2gtk - A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released
debian
CVE-2023-23529 | P1 | HIGH | CVSS 8.8 | KEV | fixed in webkit2gtk 2.38.5-1 (bookworm) | 2023
[HIGH] webkit2gtk - A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Scope: local bookworm: resolve
debian
CVE-2023-42917 | P1 | HIGH | CVSS 8.8 | KEV | fixed in webkit2gtk 2.42.3-1~deb12u1 (bookworm) | 2023
[HIGH] webkit2gtk - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. Scope: local bookworm: resolved (f
debian