Debian Webkit2Gtk vulnerabilities
678 known vulnerabilities affecting debian/webkit2gtk.
Total CVEs
678
CISA KEV
38
actively exploited
Public exploits
113
Exploited in wild
53
Severity breakdown
CRITICAL14HIGH239MEDIUM150LOW275
Vulnerabilities
Page 10 of 34
CVE-2022-32886P3HIGHCVSS 8.8fixed in webkit2gtk 2.38.0-1 (bookworm)2022
CVE-2022-32886 [HIGH] CVE-2022-32886: webkit2gtk - A buffer overflow issue was addressed with improved memory handling. This issue ...
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.38.0-1)
bullseye: resolved (fixed in 2.38.0-1~deb11u1)
forky: resolved (fixed in 2.38.0-1)
sid: resolve
debian
CVE-2022-32888P3HIGHCVSS 8.8fixed in webkit2gtk 2.38.0-1 (bookworm)2022
CVE-2022-32888 [HIGH] CVE-2022-32888: webkit2gtk - An out-of-bounds write issue was addressed with improved bounds checking. This i...
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.38.0-1)
bullseye: resolved (fi
debian
CVE-2022-42863P3HIGHCVSS 8.8fixed in webkit2gtk 2.38.0-1 (bookworm)2022
CVE-2022-42863 [HIGH] CVE-2022-42863: webkit2gtk - A memory corruption issue was addressed with improved state management. This iss...
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.38.0-1)
bullseye: resolved (fixed in 2.38.0-1~deb11u1)
forky:
debian
CVE-2023-43010P3HIGHCVSS 8.8fixed in webkit2gtk 2.44.1-1~deb12u1 (bookworm)2023
CVE-2023-43010 [HIGH] CVE-2023-43010: webkit2gtk - The issue was addressed with improved memory handling. This issue is fixed in iO...
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.
Scope: local
bookworm: resolved (fixed in 2.44.1-1~deb12u1)
bullseye: resolved (fixed in 2.44
debian
CVE-2017-7064P4LOWCVSS 5.5PoCfixed in webkit2gtk 2.16.6-1 (bookworm)2017
CVE-2017-7064 [MEDIUM] CVE-2017-7064: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected...
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
Scope: local
bookworm: resolved (f
debian
CVE-2020-3897P3HIGHCVSS 8.8fixed in webkit2gtk 2.28.0-2 (bookworm)2020
CVE-2020-3897 [HIGH] CVE-2020-3897: webkit2gtk - A type confusion issue was addressed with improved memory handling. This issue i...
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.28.0-2)
bullseye: resolv
debian
CVE-2020-3899P3HIGHCVSS 8.8fixed in webkit2gtk 2.28.2-1 (bookworm)2020
CVE-2020-3899 [HIGH] CVE-2020-3899: webkit2gtk - A memory consumption issue was addressed with improved memory handling. This iss...
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.28.2-1)
bullseye: re
debian
CVE-2020-13543P3HIGHCVSS 8.8fixed in webkit2gtk 2.30.3-1 (bookworm)2020
CVE-2020-13543 [HIGH] CVE-2020-13543: webkit2gtk - A code execution vulnerability exists in the WebSocket functionality of Webkit W...
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.
Scope: local
bookworm: resolved (fixed in 2.30.3-1)
bullseye: resolved (fixed
debian
CVE-2018-4246P3LOWCVSS 8.8fixed in webkit2gtk 2.20.4-1 (bookworm)2018
CVE-2018-4246 [HIGH] CVE-2018-4246: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.4 is affected. ...
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a
debian
CVE-2019-8816P3HIGHCVSS 8.8fixed in webkit2gtk 2.26.1-1 (bookworm)2019
CVE-2019-8816 [HIGH] CVE-2019-8816: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ...
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed i
debian
CVE-2019-8814P3HIGHCVSS 8.8fixed in webkit2gtk 2.26.2-1 (bookworm)2019
CVE-2019-8814 [HIGH] CVE-2019-8814: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ...
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.26.2-1)
b
debian
CVE-2019-8676P3HIGHCVSS 8.8fixed in webkit2gtk 2.24.3-1 (bookworm)2019
CVE-2019-8676 [HIGH] CVE-2019-8676: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ...
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fi
debian
CVE-2019-8669P3HIGHCVSS 8.8fixed in webkit2gtk 2.24.4-1 (bookworm)2019
CVE-2019-8669 [HIGH] CVE-2019-8669: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ...
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fi
debian
CVE-2019-8684P3HIGHCVSS 8.8fixed in webkit2gtk 2.24.4-1 (bookworm)2019
CVE-2019-8684 [HIGH] CVE-2019-8684: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ...
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fi
debian
CVE-2019-8846P3HIGHCVSS 8.8fixed in webkit2gtk 2.26.3-1 (bookworm)2019
CVE-2019-8846 [HIGH] CVE-2019-8846: webkit2gtk - A use after free issue was addressed with improved memory management. This issue...
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.26.3-1)
bullseye: r
debian
CVE-2021-30795P3HIGHCVSS 8.8fixed in webkit2gtk 2.32.3-1 (bookworm)2021
CVE-2021-30795 [HIGH] CVE-2021-30795: webkit2gtk - A use after free issue was addressed with improved memory management. This issue...
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.32.3-1)
bullseye: resolved (fixed in 2.32.3-1)
forky: resolved (fixed in 2.32.
debian
CVE-2019-8812P3HIGHCVSS 8.8fixed in webkit2gtk 2.26.2-1 (bookworm)2019
CVE-2019-8812 [HIGH] CVE-2019-8812: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ...
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.26.2-1)
bullseye: resolved (fixed in 2.26.2-1)
debian
CVE-2019-8808P3HIGHCVSS 8.8fixed in webkit2gtk 2.26.0-1 (bookworm)2019
CVE-2019-8808 [HIGH] CVE-2019-8808: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ...
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.26.0-1)
bullseye: resolved (fixed in 2.26.0-1)
debian
CVE-2020-3901P3HIGHCVSS 8.8fixed in webkit2gtk 2.28.0-2 (bookworm)2020
CVE-2020-3901 [HIGH] CVE-2020-3901: webkit2gtk - A type confusion issue was addressed with improved memory handling. This issue i...
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.28.0-2)
debian
CVE-2021-1817P3HIGHCVSS 8.8fixed in webkit2gtk 2.30.1-1 (bookworm)2021
CVE-2021-1817 [HIGH] CVE-2021-1817: webkit2gtk - A memory corruption issue was addressed with improved state management. This iss...
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.30.1-1)
bullseye: resolved (fixed in 2.30.1-1)
forky: resolved (fixed in 2.30
debian