Unrated severityNVD Advisory· Published May 17, 2023· Updated Jan 22, 2025

CVE-2023-2203

Description

A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

Affected products

N/a/Webkitgtkv5
Range: Affects webkit2gtk3 v2.38.5-1.el8 and webkit2gtk3 v2.38.5-1.el9, Fixed in webkit2gtk3 v2.38.5-1.el8_8.3 and webkit2gtk3 v2.38.5-1.el9_2.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2023:2653mitre
access.redhat.com/errata/RHSA-2023:3108mitre
access.redhat.com/security/cve/CVE-2023-2203mitre
bugzilla.redhat.com/show_bug.cgimitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000