Unrated severityNVD Advisory· Published Jul 19, 2018· Updated Aug 5, 2024

CVE-2018-12911

Description

WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.

Affected products

osv-coords8 versions
pkg:rpm/opensuse/gtk3&distro=openSUSE%20Tumbleweed pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3
< 2.32.4-1.1+ 7 more
- (no CPE)range: < 2.32.4-1.1
- (no CPE)range: < 2.20.3-2.23.8
- (no CPE)range: < 2.20.5-3.8.1
- (no CPE)range: < 2.20.5-3.8.1
- (no CPE)range: < 2.20.3-2.23.8
- (no CPE)range: < 2.20.3-2.23.8
- (no CPE)range: < 2.20.3-2.23.8
- (no CPE)range: < 2.20.3-2.23.8

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

usn.ubuntu.com/3743-1/mitrevendor-advisoryx_refsource_UBUNTU
trac.webkit.org/changeset/233404/webkitmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000