Debian Webkit2Gtk vulnerabilities

680 known vulnerabilities affecting debian/webkit2gtk.

Total CVEs

680

CISA KEV

actively exploited

Public exploits

102

Exploited in wild

Severity breakdown

CRITICAL14HIGH239MEDIUM150LOW277

Vulnerabilities

Page 34 of 34

CVE-2016-7639LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7639 [HIGH] CVE-2016-7639: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-7642LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7642 [HIGH] CVE-2016-7642: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-4622LOWCVSS 8.8fixed in webkit2gtk 2.12.4-1 (bookworm)2016

CVE-2016-4622 [HIGH] CVE-2016-4622: webkit2gtk - WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 all... WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4623, and CVE-2016-4624. Scope: local bookworm: resolved (fixed in 2.12.4-1) bullseye: resolved (fixed in 2.12.4

debian

CVE-2016-7635LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7635 [HIGH] CVE-2016-7635: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-7646LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7646 [HIGH] CVE-2016-7646: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-7611LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7611 [HIGH] CVE-2016-7611: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-7649LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7649 [HIGH] CVE-2016-7649: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-4692LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-4692 [HIGH] CVE-2016-4692: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-7656LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7656 [HIGH] CVE-2016-7656: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-7623LOWCVSS 6.5fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7623 [MEDIUM] CVE-2016-7623: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a blob URL on a web site. Scope: local bookworm: resolved (fixed in 2.14.3-1) bullseye: resolved (fixed in 2.14.3-1) forky: resolved (fixed in 2.

debian

CVE-2016-4591LOWCVSS 7.5fixed in webkit2gtk 2.12.4-1 (bookworm)2016

CVE-2016-4591 [HIGH] CVE-2016-4591: webkit2gtk - WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mis... WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors. Scope: local bookworm: resolved (fixed in 2.12.4-1) bullseye: resolved (fixed in 2.12.4-1) forky: resolved (fixed in 2.12.4-1) sid: resolved (fixed in 2.12.4-1) trixie: r

debian

CVE-2016-7587LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7587 [HIGH] CVE-2016-7587: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-7599LOWCVSS 6.5fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7599 [MEDIUM] CVE-2016-7599: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses HTTP redirects. S

debian

CVE-2016-7652LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7652 [HIGH] CVE-2016-7652: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-7654LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7654 [HIGH] CVE-2016-7654: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-7641LOWCVSS 8.8fixed in webkit2gtk 2.14.3-1 (bookworm)2016

CVE-2016-7641 [HIGH] CVE-2016-7641: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2 is affected. ... An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web sit

debian

CVE-2016-4624LOWCVSS 8.8fixed in webkit2gtk 2.12.4-1 (bookworm)2016

CVE-2016-4624 [HIGH] CVE-2016-4624: webkit2gtk - WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 all... WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4623. Scope: local bookworm: resolved (fixed in 2.12.4-1) bullseye: resolved (fixed in 2.12.4

debian

CVE-2015-7096LOWCVSS 6.8fixed in webkit2gtk 2.10.5-1 (bookworm)2015

CVE-2015-7096 [MEDIUM] CVE-2015-7096: webkit2gtk - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows ... WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-71

debian

CVE-2015-7098LOWCVSS 6.8fixed in webkit2gtk 2.10.5-1 (bookworm)2015

CVE-2015-7098 [MEDIUM] CVE-2015-7098: webkit2gtk - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows ... WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-71

debian

CVE-2014-1745HIGHCVSS 7.1fixed in webkit2gtk 2.42.1-1~deb12u1 (bookworm)2014

CVE-2014-1745 [HIGH] CVE-2014-1745: webkit2gtk - Use-after-free vulnerability in the SVG implementation in Blink, as used in Goog... Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp. Scope: local bookworm: resolved (fixed in 2.42.1-1

debian

← Previous34 / 34