Debian Webkit2Gtk vulnerabilities
678 known vulnerabilities affecting debian/webkit2gtk.
Total CVEs
678
CISA KEV
38
actively exploited
Public exploits
113
Exploited in wild
53
Severity breakdown
CRITICAL14HIGH239MEDIUM150LOW275
Vulnerabilities
Page 7 of 34
CVE-2017-2457P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2457 [HIGH] CVE-2017-2457: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3 is affected. ...
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Scope: local
bookworm: resolved (fixed in 2.16.3-2)
bullseye: re
debian
CVE-2017-2514P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2514 [HIGH] CVE-2017-2514: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected...
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Scope: local
bookworm: resolved (fixed in 2.16.3-2)
bullseye
debian
CVE-2017-13791P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.18.1-1 (bookworm)2017
CVE-2017-13791 [HIGH] CVE-2017-13791: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.1 is affected. ...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
debian
CVE-2017-13783P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.18.1-1 (bookworm)2017
CVE-2017-13783 [HIGH] CVE-2017-13783: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.1 is affected. ...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
debian
CVE-2017-13796P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.18.1-1 (bookworm)2017
CVE-2017-13796 [HIGH] CVE-2017-13796: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.1 is affected. ...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
debian
CVE-2017-13784P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.18.1-1 (bookworm)2017
CVE-2017-13784 [HIGH] CVE-2017-13784: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.1 is affected. ...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
debian
CVE-2017-13792P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.18.1-1 (bookworm)2017
CVE-2017-13792 [HIGH] CVE-2017-13792: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.1 is affected. ...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
debian
CVE-2017-13802P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.18.1-1 (bookworm)2017
CVE-2017-13802 [HIGH] CVE-2017-13802: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.1 is affected. ...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
debian
CVE-2017-13795P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.18.1-1 (bookworm)2017
CVE-2017-13795 [HIGH] CVE-2017-13795: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.1 is affected. ...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
debian
CVE-2017-13785P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.18.1-1 (bookworm)2017
CVE-2017-13785 [HIGH] CVE-2017-13785: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11.1 is affected. ...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory c
debian
CVE-2018-4442P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.22.3-1 (bookworm)2018
CVE-2018-4442 [HIGH] CVE-2018-4442: webkit2gtk - A memory corruption issue was addressed with improved memory handling. This issu...
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
Scope: local
bookworm: resolved (fixed in 2.22.3-1)
bullseye: resolved (fixed in 2.22.3-1)
forky: resolved (fixed in 2.22.3-1)
sid: resolved (fixed in 2
debian
CVE-2018-4438P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.22.3-1 (bookworm)2018
CVE-2018-4438 [HIGH] CVE-2018-4438: webkit2gtk - A logic issue existed resulting in memory corruption. This was addressed with im...
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
Scope: local
bookworm: resolved (fixed in 2.22.3-1)
bullseye: resolved (fixed in 2.22.3-1)
forky: resolved (fixed in 2
debian
CVE-2018-4382P2LOWCVSS 8.8PoCfixed in webkit2gtk 2.22.1-1 (bookworm)2018
CVE-2018-4382 [HIGH] CVE-2018-4382: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ...
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Scope: local
bookworm: resolved (fixed in 2.22.1-1)
bullseye: resolved (fixed in 2.22.1-1)
forky: resolved (fixed in 2.22.1-1)
sid: resolved (fixed in 2.22.1-1)
debian
CVE-2017-2447P3LOWCVSS 8.1PoCfixed in webkit2gtk 2.16.3-2 (bookworm)2017
CVE-2017-2447 [HIGH] CVE-2017-2447: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3 is affected. ...
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted web site.
Scope: local
bookworm: resolved (fixed in 2.16.3-2
debian
CVE-2022-42867P2HIGHCVSS 8.8fixed in webkit2gtk 2.38.3-1 (bookworm)2022
CVE-2022-42867 [HIGH] CVE-2022-42867: webkit2gtk - A use after free issue was addressed with improved memory management. This issue...
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.38.3-1)
bullseye: resolved (fixed in 2.38.3-1~deb11u1)
forky: re
debian
CVE-2017-2365P3LOWCVSS 6.5PoCfixed in webkit2gtk 2.14.4-1 (bookworm)2017
CVE-2017-2365 [MEDIUM] CVE-2017-2365: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2.1 is affected...
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
Scope: local
bookworm: resolved (fixed in 2.14.4-1)
bulls
debian
CVE-2017-2363P3LOWCVSS 6.5PoCfixed in webkit2gtk 2.14.4-1 (bookworm)2017
CVE-2017-2363 [MEDIUM] CVE-2017-2363: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2.1 is affected...
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
Scope: local
bookworm:
debian
CVE-2017-2364P3LOWCVSS 6.5PoCfixed in webkit2gtk 2.14.6-1 (bookworm)2017
CVE-2017-2364 [MEDIUM] CVE-2017-2364: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2.1 is affected...
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
Scope: local
bookworm: resolved (fixed in 2.14.6-1)
bullseye: resolved (fixed in 2.14.6-1
debian
CVE-2017-2371P3LOWCVSS 6.5PoCfixed in webkit2gtk 2.14.4-1 (bookworm)2017
CVE-2017-2371 [MEDIUM] CVE-2017-2371: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.2.1 is affected...
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site.
Scope: local
bookworm: resolved (fixed in 2.14.4-1)
bullseye: resolved (fixed in 2.14.4-1)
forky: resolved (fixed in 2.14.4-1)
sid: resolved (fixed in 2.14.4-1)
trixie:
debian
CVE-2017-7089P3LOWCVSS 6.1PoCfixed in webkit2gtk 2.18.1-1 (bookworm)2017
CVE-2017-7089 [MEDIUM] CVE-2017-7089: webkit2gtk - An issue was discovered in certain Apple products. iOS before 11 is affected. Sa...
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that is mishandled during parent-tab processing.
Scope: local
bookworm: resolved (
debian