Debian Webkit2Gtk vulnerabilities

680 known vulnerabilities affecting debian/webkit2gtk.

Total CVEs

680

CISA KEV

actively exploited

Public exploits

102

Exploited in wild

Severity breakdown

CRITICAL14HIGH239MEDIUM150LOW277

Vulnerabilities

Page 20 of 34

CVE-2019-8544HIGHCVSS 8.8fixed in webkit2gtk 2.24.1-1 (bookworm)2019

CVE-2019-8544 [HIGH] CVE-2019-8544: webkit2gtk - A memory corruption issue was addressed with improved memory handling. This issu... A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.24.1-1) bullseye: resolved (fixed in 2.24.1-1) fo

debian

CVE-2019-8783HIGHCVSS 8.8fixed in webkit2gtk 2.26.1-1 (bookworm)2019

CVE-2019-8783 [HIGH] CVE-2019-8783: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.26.1-1) b

debian

CVE-2019-8672HIGHCVSS 8.8PoCfixed in webkit2gtk 2.24.2-1 (bookworm)2019

CVE-2019-8672 [HIGH] CVE-2019-8672: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fi

debian

CVE-2019-8671HIGHCVSS 8.8PoCfixed in webkit2gtk 2.24.2-1 (bookworm)2019

CVE-2019-8671 [HIGH] CVE-2019-8671: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.24.2

debian

CVE-2019-8766HIGHCVSS 8.8fixed in webkit2gtk 2.26.0-1 (bookworm)2019

CVE-2019-8766 [HIGH] CVE-2019-8766: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.26.0-1) bullseye: resolved (fixed in 2.26.0-1) forky: resolved (fixed in 2.26.0-1) sid: resolved (fix

debian

CVE-2019-8808HIGHCVSS 8.8fixed in webkit2gtk 2.26.0-1 (bookworm)2019

CVE-2019-8808 [HIGH] CVE-2019-8808: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.26.0-1) bullseye: resolved (fixed in 2.26.0-1)

debian

CVE-2019-8559HIGHCVSS 8.8fixed in webkit2gtk 2.24.1-1 (bookworm)2019

CVE-2019-8559 [HIGH] CVE-2019-8559: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.24.1-1) bullseye: resolved (fixed in 2.2

debian

CVE-2019-8584HIGHCVSS 8.8fixed in webkit2gtk 2.24.1-1 (bookworm)2019

CVE-2019-8584 [HIGH] CVE-2019-8584: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.24.1-1) bullseye: resolved (f

debian

CVE-2019-8710HIGHCVSS 8.8fixed in webkit2gtk 2.26.0-1 (bookworm)2019

CVE-2019-8710 [HIGH] CVE-2019-8710: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.26.0-1) bullseye: resolved (fixed in 2.26.0-1) forky: resolved (fixed in 2.26.0-1) sid: resolved (fixed in 2.26.0-

debian

CVE-2019-8768MEDIUMCVSS 5.3fixed in webkit2gtk 2.24.0-1 (bookworm)2019

CVE-2019-8768 [MEDIUM] CVE-2019-8768: webkit2gtk - "Clear History and Website Data" did not clear the history. The issue was addres... "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. Scope: local bookworm: resolved (fixed in 2.24.0-1) bullseye: resolved (fixed in 2.24.0-1) forky: resolved (fixed in 2.24.0-1) sid: resolved (fixed in 2

debian

CVE-2019-8764MEDIUMCVSS 6.1fixed in webkit2gtk 2.26.0-1 (bookworm)2019

CVE-2019-8764 [MEDIUM] CVE-2019-8764: webkit2gtk - A logic issue was addressed with improved state management. This issue is fixed ... A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. Scope: local bookworm: resolved (fixed in 2.26.0-1) bullseye: resolved (fixed in 2.26.0-1) forky: resolved (fixed in 2.26.0-1) sid: resolved (fixed in 2.26.0-1) trixie: resolved (fix

debian

CVE-2019-8658MEDIUMCVSS 6.1fixed in webkit2gtk 2.24.4-1 (bookworm)2019

CVE-2019-8658 [MEDIUM] CVE-2019-8658: webkit2gtk - A logic issue was addressed with improved state management. This issue is fixed ... A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. Scope: local bookworm: resolved (fixed in 2.24.

debian

CVE-2019-8607MEDIUMCVSS 6.5fixed in webkit2gtk 2.24.2-1 (bookworm)2019

CVE-2019-8607 [MEDIUM] CVE-2019-8607: webkit2gtk - An out-of-bounds read was addressed with improved input validation. This issue i... An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory. Scope: local bookworm: resolved (fixed in 2.24.2-1) bullse

debian

CVE-2019-8551MEDIUMCVSS 6.1fixed in webkit2gtk 2.24.1-1 (bookworm)2019

CVE-2019-8551 [MEDIUM] CVE-2019-8551: webkit2gtk - A logic issue was addressed with improved validation. This issue is fixed in iOS... A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. Scope: local bookworm: resolved (fixed in 2.24.1-1) bullseye: resolved (fixed in 2.24.1-1) forky: resolved (fixed i

debian

CVE-2019-11070MEDIUMCVSS 5.3fixed in webkit2gtk 2.24.1-1 (bookworm)2019

CVE-2019-11070 [MEDIUM] CVE-2019-11070: webkit2gtk - WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply config... WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. Scope: local bookworm: resolved (fixed in 2.24.1-1) bullseye: resolved (fixed

debian

CVE-2019-8625MEDIUMCVSS 6.1fixed in webkit2gtk 2.26.0-1 (bookworm)2019

CVE-2019-8625 [MEDIUM] CVE-2019-8625: webkit2gtk - A logic issue was addressed with improved state management. This issue is fixed ... A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. Scope: local bookworm: resolved (fixed in 2.26.0-1) bullseye: resolved (fixed in 2.26.0-1) forky: resolved (

debian

CVE-2019-8608MEDIUMCVSS 6.3fixed in webkit2gtk 2.24.1-1 (bookworm)2019

CVE-2019-8608 [MEDIUM] CVE-2019-8608: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.24.1-1) bullseye: resolved

debian

CVE-2019-8769MEDIUMCVSS 4.3fixed in webkit2gtk 2.26.0-1 (bookworm)2019

CVE-2019-8769 [MEDIUM] CVE-2019-8769: webkit2gtk - An issue existed in the drawing of web page elements. The issue was addressed wi... An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. Scope: local bookworm: resolved (fixed in 2.26.0-1) bullseye: resolved (fixed in 2.26.0-1) forky: resolved (fixed in 2.26.0-1)

debian

CVE-2019-8719MEDIUMCVSS 6.1fixed in webkit2gtk 2.24.4-1 (bookworm)2019

CVE-2019-8719 [MEDIUM] CVE-2019-8719: webkit2gtk - A logic issue was addressed with improved state management. This issue is fixed ... A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. Scope: local bookworm: resolved (fixed in 2.24.4-1) bullseye: resolved (fixed in 2.24.4-1) forky: resolved (

debian

CVE-2019-8649MEDIUMCVSS 6.1PoCfixed in webkit2gtk 2.24.4-1 (bookworm)2019

CVE-2019-8649 [MEDIUM] CVE-2019-8649: webkit2gtk - A logic issue existed in the handling of synchronous page loads. This issue was ... A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting

debian

← Previous20 / 34Next →