Summary: | <net-libs/webkit-gtk-2.46.3{,-r410,-r600}: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michael Orlitzky <mjo> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | normal | CC: | gnome, mjo |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://webkitgtk.org/security/WSA-2024-0005.html | ||
Whiteboard: | A4 [stable?] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 943636, 941277 | ||
Bug Blocks: |
Description
Michael Orlitzky
2024-10-11 13:23:36 UTC
https://webkitgtk.org/security/WSA-2024-0006.html * CVE-2024-44185 Versions affected: WebKitGTK and WPE WebKit before 2.46.0. Credit to Gary Kwong. Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: The issue was addressed with improved checks. WebKit Bugzilla: 276097 * CVE-2024-44244 Versions affected: WebKitGTK and WPE WebKit before 2.46.3. Credit to an anonymous researcher, Q1IQ (@q1iqF) and P1umer (@p1umer). Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: A memory corruption issue was addressed with improved input validation. WebKit Bugzilla: 279780 * CVE-2024-44296 Versions affected: WebKitGTK and WPE WebKit before 2.46.3. Credit to Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India). Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: The issue was addressed with improved checks. WebKit Bugzilla: 278765 |