cbcvebase.

Debian Webkit2Gtk vulnerabilities

678 known vulnerabilities affecting debian/webkit2gtk.

Total CVEs
678
CISA KEV
38
actively exploited
Public exploits
113
Exploited in wild
53
Severity breakdown
CRITICAL14HIGH239MEDIUM150LOW275

Vulnerabilities

Page 19 of 34
CVE-2017-7055P3LOWCVSS 8.8fixed in webkit2gtk 2.16.6-1 (bookworm)2017
CVE-2017-7055 [HIGH] CVE-2017-7055: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected... An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memo
debian
CVE-2017-2530P3LOWCVSS 8.8fixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2530 [HIGH] CVE-2017-2530: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected... An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. iCloud before 6.2.1 on Windows is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cr
debian
CVE-2017-2525P3LOWCVSS 8.8fixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2525 [HIGH] CVE-2017-2525: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected... An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Scope: local bookworm: resol
debian
CVE-2017-2505P3LOWCVSS 8.8fixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2505 [HIGH] CVE-2017-2505: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected... An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Scope: local bookworm: resol
debian
CVE-2023-39928P3HIGHCVSS 8.8fixed in webkit2gtk 2.42.1-1~deb12u1 (bookworm)2023
CVE-2023-39928 [HIGH] CVE-2023-39928: webkit2gtk - A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitG... A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger this vulnerability. Scope: local bookworm: resolved (fixed in 2.42.1-1~deb12u1) bullse
debian
CVE-2023-40451P3HIGHCVSS 8.8fixed in webkit2gtk 2.40.5-1~deb12u1 (bookworm)2023
CVE-2023-40451 [HIGH] CVE-2023-40451: webkit2gtk - This issue was addressed with improved iframe sandbox enforcement. This issue is... This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code. Scope: local bookworm: resolved (fixed in 2.40.5-1~deb12u1) bullseye: resolved (fixed in 2.40.5-1~deb11u1) forky: resolved (fixed in 2.40.5-1) sid: resolved (fixed in 2.40.5-1) trixie: re
debian
CVE-2025-66287P3HIGHCVSS 8.8fixed in webkit2gtk 2.50.3-1~deb12u1 (bookworm)2025
CVE-2025-66287 [HIGH] CVE-2025-66287: webkit2gtk - A flaw was found in WebKitGTK. Processing malicious web content can cause an une... A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. Scope: local bookworm: resolved (fixed in 2.50.3-1~deb12u1) bullseye: resolved (fixed in 2.50.3-1~deb11u1) forky: resolved (fixed in 2.50.3-1) sid: resolved (fixed in 2.50.3-1) trixie: resolved (fixed in 2.50.3-1~deb13u1)
debian
CVE-2021-30849P3HIGHCVSS 7.8fixed in webkit2gtk 2.32.4-1 (bookworm)2021
CVE-2021-30849 [HIGH] CVE-2021-30849: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.32.4-1) bullseye: resolved (fixe
debian
CVE-2018-4191P3LOWCVSS 8.8fixed in webkit2gtk 2.22.0-2 (bookworm)2018
CVE-2018-4191 [HIGH] CVE-2018-4191: webkit2gtk - A memory corruption issue was addressed with improved validation. This issue aff... A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: resolved (fixed in 2.22.0-2) trixie: resolv
debian
CVE-2018-4316P3LOWCVSS 8.8fixed in webkit2gtk 2.22.0-2 (bookworm)2018
CVE-2018-4316 [HIGH] CVE-2018-4316: webkit2gtk - A memory corruption issue was addressed with improved state management. This iss... A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: resolved (fixed in 2.22.0-2) trixie: resolved (f
debian
CVE-2016-7632P3LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016
CVE-2016-7632 [HIGH] CVE-2016-7632: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit
debian
CVE-2016-7611P3LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016
CVE-2016-7611 [HIGH] CVE-2016-7611: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit
debian
CVE-2016-7645P3LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016
CVE-2016-7645 [HIGH] CVE-2016-7645: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit
debian
CVE-2016-7639P3LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016
CVE-2016-7639 [HIGH] CVE-2016-7639: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit
debian
CVE-2016-7642P3LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016
CVE-2016-7642 [HIGH] CVE-2016-7642: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit
debian
CVE-2016-7656P3LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016
CVE-2016-7656 [HIGH] CVE-2016-7656: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit
debian
CVE-2016-7654P3LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016
CVE-2016-7654 [HIGH] CVE-2016-7654: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit
debian
CVE-2016-7641P3LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016
CVE-2016-7641 [HIGH] CVE-2016-7641: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit
debian
CVE-2017-2433P3LOWCVSS 8.8fixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2433 [HIGH] CVE-2017-2433: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3 is affected. ... An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Scope: local bookworm: resolved (fixed in 2.16.3-2) bullseye: re
debian
CVE-2017-2405P3LOWCVSS 8.8fixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2405 [HIGH] CVE-2017-2405: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3 is affected. ... An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Scope: local bookworm: resolved (fixed in 2.16.3-2
debian
Debian Webkit2Gtk vulnerabilities | cvebase