Debian Webkit2Gtk vulnerabilities

CVE-2018-4306 [HIGH] CVE-2018-4306: webkit2gtk - A use after free issue was addressed with improved memory management. This issue... A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: resolved (fixed in 2.22.0-2) trixie: resolved (fix

CVE-2018-4162 [HIGH] CVE-2018-4162: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.3 is affected. ... An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a

CVE-2018-4267 [HIGH] CVE-2018-4267: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Scope: local bookworm: resolved (fixed in 2.20.4-1) bullseye: resolved (fixed in 2.20.4-1) forky: resolved (fixed in 2.20.4-1) sid: resolved (fixed in 2.20.4-1)

CVE-2018-4264 [HIGH] CVE-2018-4264: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Scope: local bookworm: resolved (fixed in 2.20.4-1) bullseye: resolved (fixed in 2.20.4-1) forky: resolved (fixed in 2.20.4-1) sid: resolved (fix

CVE-2018-4312 [HIGH] CVE-2018-4312: webkit2gtk - A use after free issue was addressed with improved memory management. This issue... A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: resolved (fixed in 2.22.0-2) trixie: resolved (fix

CVE-2018-4127 [HIGH] CVE-2018-4127: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.3 is affected. ... An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corru

CVE-2018-4208 [HIGH] CVE-2018-4208: webkit2gtk - In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS befo... In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) s

CVE-2018-4210 [HIGH] CVE-2018-4210: webkit2gtk - In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iT... In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2)

CVE-2018-4273 [MEDIUM] CVE-2018-4273: webkit2gtk - Multiple memory corruption issues were addressed with improved input validation.... Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Scope: local bookworm: resolved (fixed in 2.20.4-1) bullseye: resolved (fixed in 2.20.4-1) forky: resolved (fixed in 2.20.4-1) sid: resolved (

CVE-2018-4358 [HIGH] CVE-2018-4358: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ... Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: resolved (fixed in 2.22.0-2)

CVE-2018-4122 [HIGH] CVE-2018-4122: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.3 is affected. ... An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a

CVE-2018-4442 [HIGH] CVE-2018-4442: webkit2gtk - A memory corruption issue was addressed with improved memory handling. This issu... A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Scope: local bookworm: resolved (fixed in 2.22.3-1) bullseye: resolved (fixed in 2.22.3-1) forky: resolved (fixed in 2.22.3-1) sid: resolved (fixed in 2

CVE-2018-4438 [HIGH] CVE-2018-4438: webkit2gtk - A logic issue existed resulting in memory corruption. This was addressed with im... A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Scope: local bookworm: resolved (fixed in 2.22.3-1) bullseye: resolved (fixed in 2.22.3-1) forky: resolved (fixed in 2

CVE-2018-11646 [HIGH] CVE-2018-11646: webkit2gtk - webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPag... webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash. Scope: local bookworm: resolved (fixed in 2.20.3-1) bullseye: resolved (fixed in 2.20.3-1) forky: resolved (fixed in 2.20.

CVE-2018-11712 [HIGH] CVE-2018-11712: webkit2gtk - WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup netw... WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections. Scope: local bookworm: resolved (fixed in 2.20.2-1) bullseye: resolved (fixed in 2.20.2-1) forky: resolved (fixed in 2.20.2-1) sid: resolv

CVE-2018-4088 [HIGH] CVE-2018-4088: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.2.5 is affected... An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "WebKit" component. It allows remote atta

CVE-2018-4318 [HIGH] CVE-2018-4318: webkit2gtk - A use after free issue was addressed with improved memory management. This issue... A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: resolved (fixed in 2.22.0-2) trixie: resolved (fix

CVE-2018-4101 [HIGH] CVE-2018-4101: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.3 is affected. ... An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corru

CVE-2018-4319 [HIGH] CVE-2018-4319: webkit2gtk - A cross-origin issue existed with "iframe" elements. This was addressed with imp... A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: re

CVE-2018-4316 [HIGH] CVE-2018-4316: webkit2gtk - A memory corruption issue was addressed with improved state management. This iss... A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Scope: local bookworm: resolved (fixed in 2.22.0-2) bullseye: resolved (fixed in 2.22.0-2) forky: resolved (fixed in 2.22.0-2) sid: resolved (fixed in 2.22.0-2) trixie: resolved (f