rpm package
almalinux/webkit2gtk3-jsc
pkg:rpm/almalinux/webkit2gtk3-jsc
Vulnerabilities (240)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-43660 | Hig | 7.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Poli | |
| CVE-2026-43658 | Hig | 7.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | |
| CVE-2026-28958 | Med | 5.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | This issue was addressed with improved data protection. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access sensitive user data. | |
| CVE-2026-28955 | Hig | 8.8 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected proces | |
| CVE-2026-28953 | Hig | 7.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected proces | |
| CVE-2026-28947 | Hig | 8.8 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | |
| CVE-2026-28946 | Med | 6.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | |
| CVE-2026-28942 | Med | 6.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | |
| CVE-2026-28907 | Hig | 8.1 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Po | |
| CVE-2026-28905 | Hig | 7.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | |
| CVE-2026-28904 | Hig | 7.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected proces | |
| CVE-2026-28903 | Med | 6.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected proces | |
| CVE-2026-28902 | Med | 6.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | |
| CVE-2026-28901 | Med | 4.3 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | |
| CVE-2026-28883 | Hig | 7.5 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | |
| CVE-2026-28847 | Hig | 8.8 | < 2.52.4-1.el8_10 | 2.52.4-1.el8_10 | May 11, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected proces | |
| CVE-2026-20691 | — | < 2.52.3-1.el8_10 | 2.52.3-1.el8_10 | Mar 25, 2026 | An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able to fingerprint the user. | ||
| CVE-2026-20664 | — | < 2.52.3-1.el8_10 | 2.52.3-1.el8_10 | Mar 25, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash. | ||
| CVE-2026-20665 | — | < 2.52.3-1.el8_10 | 2.52.3-1.el8_10 | Mar 25, 2026 | This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may prevent Content Securit | ||
| CVE-2026-28859 | — | < 2.52.3-1.el8_10 | 2.52.3-1.el8_10 | Mar 25, 2026 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox. |
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Poli
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
This issue was addressed with improved data protection. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access sensitive user data.
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected proces
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected proces
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Po
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected proces
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected proces
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.
- affected < 2.52.4-1.el8_10fixed 2.52.4-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected proces
- CVE-2026-20691Mar 25, 2026affected < 2.52.3-1.el8_10fixed 2.52.3-1.el8_10
An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able to fingerprint the user.
- CVE-2026-20664Mar 25, 2026affected < 2.52.3-1.el8_10fixed 2.52.3-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.
- CVE-2026-20665Mar 25, 2026affected < 2.52.3-1.el8_10fixed 2.52.3-1.el8_10
This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may prevent Content Securit
- CVE-2026-28859Mar 25, 2026affected < 2.52.3-1.el8_10fixed 2.52.3-1.el8_10
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox.
Page 1 of 12