Debian Webkit2Gtk vulnerabilities

680 known vulnerabilities affecting debian/webkit2gtk.

Total CVEs
680
CISA KEV
38
actively exploited
Public exploits
102
Exploited in wild
32
Severity breakdown
CRITICAL14HIGH239MEDIUM150LOW277

Vulnerabilities

Page 22 of 34
CVE-2018-4270LOWCVSS 6.5fixed in webkit2gtk 2.20.4-1 (bookworm)2018
CVE-2018-4270 [MEDIUM] CVE-2018-4270: webkit2gtk - A memory corruption issue was addressed with improved memory handling. This issu... A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Scope: local bookworm: resolved (fixed in 2.20.4-1) bullseye: resolved (fixed in 2.20.4-1) forky: resolved (fixed in 2.20.4-1) sid: resolved (fixed in 2
debian
CVE-2018-4262LOWCVSS 8.8fixed in webkit2gtk 2.20.4-1 (bookworm)2018
CVE-2018-4262 [HIGH] CVE-2018-4262: webkit2gtk - In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS... In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling. Scope: local bookworm: resolved (fixed in 2.20.4-1) bullseye: resolved (fixed in 2.20.4-1) forky: resolved (fixed in 2.20.4-1) sid: resolved (fixed in 2.20.4-1)
debian
CVE-2018-4114LOWCVSS 8.8fixed in webkit2gtk 2.20.0-2 (bookworm)2018
CVE-2018-4114 [HIGH] CVE-2018-4114: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.3 is affected. ... An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a
debian
CVE-2018-4199LOWCVSS 8.8fixed in webkit2gtk 2.20.3-1 (bookworm)2018
CVE-2018-4199 [HIGH] CVE-2018-4199: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.4 is affected. ... An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer ove
debian
CVE-2018-4376LOWCVSS 8.8fixed in webkit2gtk 2.22.1-1 (bookworm)2018
CVE-2018-4376 [HIGH] CVE-2018-4376: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Scope: local bookworm: resolved (fixed in 2.22.1-1) bullseye: resolved (fixed in 2.22.1-1) forky: resolved (fixed in 2.22.1-1) sid: resolved (fixed in 2.22.1-1) trixie: res
debian
CVE-2018-4345LOWCVSS 6.1fixed in webkit2gtk 2.22.3-1 (bookworm)2018
CVE-2018-4345 [MEDIUM] CVE-2018-4345: webkit2gtk - A cross-site scripting issue existed in Safari. This issue was addressed with im... A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.3-1) bullseye: resolved (fixed in 2.22.3-1) forky: resolved (fixed in 2.22.3-1) sid: resolved (fixed
debian
CVE-2018-4207LOWCVSS 8.8fixed in webkit2gtk 2.22.0-2 (bookworm)2018
CVE-2018-4207 [HIGH] CVE-2018-4207: webkit2gtk - In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS befo... In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) s
debian
CVE-2018-4378LOWCVSS 8.8fixed in webkit2gtk 2.22.1-1 (bookworm)2018
CVE-2018-4378 [HIGH] CVE-2018-4378: webkit2gtk - A memory corruption issue was addressed with improved validation. This issue aff... A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Scope: local bookworm: resolved (fixed in 2.22.1-1) bullseye: resolved (fixed in 2.22.1-1) forky: resolved (fixed in 2.22.1-1) sid: resolved (fixed in 2.22.1-1) trixie: resolv
debian
CVE-2018-12293LOWCVSS 8.8PoCfixed in webkit2gtk 2.20.3-1 (bookworm)2018
CVE-2018-12293 [HIGH] CVE-2018-12293: webkit2gtk - The getImageData function in the ImageBufferCairo class in WebCore/platform/grap... The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which could be abused by crafted HTML content. Scope: local bookworm: resolv
debian
CVE-2018-4328LOWCVSS 8.8PoCfixed in webkit2gtk 2.22.0-2 (bookworm)2018
CVE-2018-4328 [HIGH] CVE-2018-4328: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: resolved (fixed in 2.22.0-2) trixie: res
debian
CVE-2018-4437LOWCVSS 8.8fixed in webkit2gtk 2.22.5-1 (bookworm)2018
CVE-2018-4437 [HIGH] CVE-2018-4437: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Scope: local bookworm: resolved (fixed in 2.22.5-1) bullseye: resolved (fixed in 2.22.5-1) forky: resolved (fixed in 2.22.5-1) sid: resolved (f
debian
CVE-2018-4120LOWCVSS 8.8fixed in webkit2gtk 2.20.0-2 (bookworm)2018
CVE-2018-4120 [HIGH] CVE-2018-4120: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.3 is affected. ... An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corru
debian
CVE-2018-4204LOWCVSS 8.8fixed in webkit2gtk 2.20.1-1 (bookworm)2018
CVE-2018-4204 [HIGH] CVE-2018-4204: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.4 is affected. ... An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a
debian
CVE-2018-4392LOWCVSS 8.8fixed in webkit2gtk 2.22.1-1 (bookworm)2018
CVE-2018-4392 [HIGH] CVE-2018-4392: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Scope: local bookworm: resolved (fixed in 2.22.1-1) bullseye: resolved (fixed in 2.22.1-1) forky: resolved (fixed in 2.22.1-1) sid: resolved (fixed in 2.22.1-1)
debian
CVE-2018-12911LOWCVSS 9.8fixed in webkit2gtk 2.20.4-1 (bookworm)2018
CVE-2018-12911 [CRITICAL] CVE-2018-12911: webkit2gtk - WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write,... WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c. Scope: local bookworm: resolved (fixed in 2.20.4-1) bullseye: resolved (fixed in 2.20.4-1) forky: resolved (fixed in 2.20.4-1) sid: resolved (fixed in 2.20.4-1) tr
debian
CVE-2018-4212LOWCVSS 8.8fixed in webkit2gtk 2.22.0-2 (bookworm)2018
CVE-2018-4212 [HIGH] CVE-2018-4212: webkit2gtk - In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS befo... In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) s
debian
CVE-2018-4191LOWCVSS 8.8fixed in webkit2gtk 2.22.0-2 (bookworm)2018
CVE-2018-4191 [HIGH] CVE-2018-4191: webkit2gtk - A memory corruption issue was addressed with improved validation. This issue aff... A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: resolved (fixed in 2.22.0-2) trixie: resolv
debian
CVE-2018-4133LOWCVSS 6.1fixed in webkit2gtk 2.20.0-2 (bookworm)2018
CVE-2018-4133 [MEDIUM] CVE-2018-4133: webkit2gtk - An issue was discovered in certain Apple products. Safari before 11.1 is affecte... An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Scope: local bookworm: resolved (fixed in 2.20.0-2) bullseye: resolved (fixed in 2.20.0-2) forky: resolved
debian
CVE-2018-4266LOWCVSS 5.9fixed in webkit2gtk 2.20.4-1 (bookworm)2018
CVE-2018-4266 [MEDIUM] CVE-2018-4266: webkit2gtk - A race condition was addressed with additional validation. This issue affected v... A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Scope: local bookworm: resolved (fixed in 2.20.4-1) bullseye: resolved (fixed in 2.20.4-1) forky: resolved (fixed in 2.20.4-1) sid: resolved (fixe
debian
CVE-2018-4192LOWCVSS 7.5PoCfixed in webkit2gtk 2.20.1-1 (bookworm)2018
CVE-2018-4192 [HIGH] CVE-2018-4192: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.4 is affected. ... An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a
debian
← Previous22 / 34Next →