cbcvebase.

Debian Webkit2Gtk vulnerabilities

678 known vulnerabilities affecting debian/webkit2gtk.

Total CVEs
678
CISA KEV
38
actively exploited
Public exploits
113
Exploited in wild
53
Severity breakdown
CRITICAL14HIGH239MEDIUM150LOW275

Vulnerabilities

Page 22 of 34
CVE-2018-4361P3LOWCVSS 8.8fixed in webkit2gtk 2.22.0-2 (bookworm)2018
CVE-2018-4361 [HIGH] CVE-2018-4361: webkit2gtk - A memory consumption issue was addressed with improved memory handling. This iss... A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: resolved (fixed in 2.22.0-2) trixie:
debian
CVE-2020-13558P3HIGHCVSS 8.8fixed in webkit2gtk 2.30.5-1 (bookworm)2020
CVE-2020-13558 [HIGH] CVE-2020-13558: webkit2gtk - A code execution vulnerability exists in the AudioSourceProviderGStreamer functi... A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. Scope: local bookworm: resolved (fixed in 2.30.5-1) bullseye: resolved (fixed in 2.30.5-1) forky: resolved (fixed in 2.30.5-1) sid: resolved (fixed in 2.30.5-1) trixie: resolved (fixed in 2.
debian
CVE-2019-8503P3HIGHCVSS 8.8fixed in webkit2gtk 2.24.1-1 (bookworm)2019
CVE-2019-8503 [HIGH] CVE-2019-8503: webkit2gtk - A logic issue was addressed with improved validation. This issue is fixed in iOS... A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website. Scope: local bookworm: resolved (fixed in 2.24.1-1) bullseye: resolved (fixed in 2.24.1-1) forky: resolved (fixed in 2
debian
CVE-2017-7012P3LOWCVSS 8.8fixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-7012 [HIGH] CVE-2017-7012: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected... An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and
debian
CVE-2017-2526P3LOWCVSS 8.8fixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2526 [HIGH] CVE-2017-2526: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected... An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Scope: local bookworm: resolved (fixed in 2.16.3-2) bullseye
debian
CVE-2017-2544P3LOWCVSS 8.8fixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2544 [HIGH] CVE-2017-2544: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected... An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Scope: local bookworm: resolved (fixed in 2.16.3-2) bullseye
debian
CVE-2023-25358P3HIGHCVSS 8.8fixed in webkit2gtk 2.38.0-1 (bookworm)2023
CVE-2023-25358 [HIGH] CVE-2023-25358: webkit2gtk - A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK be... A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Scope: local bookworm: resolved (fixed in 2.38.0-1) bullseye: resolved (fixed in 2.38.0-1~deb11u1) forky: resolved (fixed in 2.38.0-1) sid: resolved (fixed in 2.38.0-1) trixie: resolved (fixed in 2.38.0-1)
debian
CVE-2023-25363P3HIGHCVSS 8.8fixed in webkit2gtk 2.38.0-1 (bookworm)2023
CVE-2023-25363 [HIGH] CVE-2023-25363: webkit2gtk - A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependen... A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Scope: local bookworm: resolved (fixed in 2.38.0-1) bullseye: resolved (fixed in 2.38.0-1~deb11u1) forky: resolved (fixed in 2.38.0-1) sid: resolved (fixed in 2.38.0-1) trixie: resolved (fixed in 2.38.0-1)
debian
CVE-2023-25362P3HIGHCVSS 8.8fixed in webkit2gtk 2.38.0-1 (bookworm)2023
CVE-2023-25362 [HIGH] CVE-2023-25362: webkit2gtk - A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGap... A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Scope: local bookworm: resolved (fixed in 2.38.0-1) bullseye: resolved (fixed in 2.38.0-1~deb11u1) forky: resolved (fixed in 2.38.0-1) sid: resolved (fixed in 2.38.0-1) trixie: resolved (fixed in 2.38.0-1)
debian
CVE-2023-25360P3HIGHCVSS 8.8fixed in webkit2gtk 2.38.0-1 (bookworm)2023
CVE-2023-25360 [HIGH] CVE-2023-25360: webkit2gtk - A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK be... A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Scope: local bookworm: resolved (fixed in 2.38.0-1) bullseye: resolved (fixed in 2.38.0-1~deb11u1) forky: resolved (fixed in 2.38.0-1) sid: resolved (fixed in 2.38.0-1) trixie: resolved (fixed in 2.38.0-1)
debian
CVE-2023-25361P3HIGHCVSS 8.8fixed in webkit2gtk 2.38.0-1 (bookworm)2023
CVE-2023-25361 [HIGH] CVE-2023-25361: webkit2gtk - A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKit... A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. Scope: local bookworm: resolved (fixed in 2.38.0-1) bullseye: resolved (fixed in 2.38.0-1~deb11u1) forky: resolved (fixed in 2.38.0-1) sid: resolved (fixed in 2.38.0-1) trixie: resolved (fixed in 2.38.0-1)
debian
CVE-2021-30954P3HIGHCVSS 7.8fixed in webkit2gtk 2.34.4-1 (bookworm)2021
CVE-2021-30954 [HIGH] CVE-2021-30954: webkit2gtk - A type confusion issue was addressed with improved memory handling. This issue i... A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. Scope: local bookworm: resolved (fixed in 2.34.4-1) bullseye: resolved (fixed in 2.34.4-1~deb11u1) forky: res
debian
CVE-2025-31223P3HIGHCVSS 8.0fixed in webkit2gtk 2.50.1-1~deb12u1 (bookworm)2025
CVE-2025-31223 [HIGH] CVE-2025-31223: webkit2gtk - The issue was addressed with improved checks. This issue is fixed in Safari 18.5... The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption. Scope: local bookworm: resolved (fixed in 2.50.1-1~deb12u1) bullseye: resolved (fixed in 2.50.0-1) forky: resolved (fixed in
debian
CVE-2023-42875P3HIGHCVSS 7.3fixed in webkit2gtk 2.42.1-1~deb12u1 (bookworm)2023
CVE-2023-42875 [HIGH] CVE-2023-42875: webkit2gtk - Processing web content may lead to arbitrary code execution. This issue is fixed... Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. The issue was addressed with improved memory handling. Scope: local bookworm: resolved (fixed in 2.42.1-1~deb12u1) bullseye: resolved (fixed in 2.42.1-1~deb11u1) forky: resolved (fixed in 2.42.0-1) sid: resolve
debian
CVE-2018-4264P3LOWCVSS 8.8fixed in webkit2gtk 2.20.4-1 (bookworm)2018
CVE-2018-4264 [HIGH] CVE-2018-4264: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Scope: local bookworm: resolved (fixed in 2.20.4-1) bullseye: resolved (fixed in 2.20.4-1) forky: resolved (fixed in 2.20.4-1) sid: resolved (fix
debian
CVE-2018-4272P3LOWCVSS 8.8fixed in webkit2gtk 2.20.4-1 (bookworm)2018
CVE-2018-4272 [HIGH] CVE-2018-4272: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Scope: local bookworm: resolved (fixed in 2.20.4-1) bullseye: resolved (fixed in 2.20.4-1) forky: resolved (fixed in 2.20.4-1) sid: resolved (fix
debian
CVE-2018-4372P3LOWCVSS 8.8fixed in webkit2gtk 2.22.4-1 (bookworm)2018
CVE-2018-4372 [HIGH] CVE-2018-4372: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Scope: local bookworm: resolved (fixed in 2.22.4-1) bullseye: resolved (fixed in 2.22.4-1) forky: resolved (fixed in 2.22.4-1) sid: resolved (fixed in 2.22.4-1)
debian
CVE-2017-2506P3LOWCVSS 8.8fixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2506 [HIGH] CVE-2017-2506: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected... An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Scope: local bookworm: resolved (fixed in 2.16.3-2) bullseye
debian
CVE-2018-4378P3LOWCVSS 8.8fixed in webkit2gtk 2.22.1-1 (bookworm)2018
CVE-2018-4378 [HIGH] CVE-2018-4378: webkit2gtk - A memory corruption issue was addressed with improved validation. This issue aff... A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Scope: local bookworm: resolved (fixed in 2.22.1-1) bullseye: resolved (fixed in 2.22.1-1) forky: resolved (fixed in 2.22.1-1) sid: resolved (fixed in 2.22.1-1) trixie: resolv
debian
CVE-2025-24223P3HIGHCVSS 8.0fixed in webkit2gtk 2.48.3-1~deb12u1 (bookworm)2025
CVE-2025-24223 [HIGH] CVE-2025-24223: webkit2gtk - The issue was addressed with improved memory handling. This issue is fixed in Sa... The issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption. Scope: local bookworm: resolved (fixed in 2.48.3-1~deb12u1) bullseye: resolved (fixed in 2.48.3-1~deb11u1) forky: r
debian
Debian Webkit2Gtk vulnerabilities | cvebase