rpm package
suse/webkit2gtk3&distro=SUSE Enterprise Storage 7.1
pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207.1
Vulnerabilities (127)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-42863 | — | < 2.38.3-150200.57.1 | 2.38.3-150200.57.1 | Dec 15, 2022 | A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. | ||
| CVE-2022-42856 | — | KEV | < 2.38.3-150200.57.1 | 2.38.3-150200.57.1 | Dec 15, 2022 | A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a rep | |
| CVE-2022-42852 | — | < 2.38.3-150200.57.1 | 2.38.3-150200.57.1 | Dec 15, 2022 | The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory | ||
| CVE-2022-32912 | — | < 2.38.6-150200.72.1 | 2.38.6-150200.72.1 | Sep 20, 2022 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||
| CVE-2022-32886 | — | < 2.38.6-150200.72.1 | 2.38.6-150200.72.1 | Sep 20, 2022 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||
| CVE-2022-0108 | — | < 2.38.6-150200.72.1 | 2.38.6-150200.72.1 | Feb 11, 2022 | Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | ||
| CVE-2014-1745 | Hig | 7.1 | < 2.42.5-150200.104.1 | 2.42.5-150200.104.1 | May 21, 2014 | Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related |
- CVE-2022-42863Dec 15, 2022affected < 2.38.3-150200.57.1fixed 2.38.3-150200.57.1
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.
- affected < 2.38.3-150200.57.1fixed 2.38.3-150200.57.1
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a rep
- CVE-2022-42852Dec 15, 2022affected < 2.38.3-150200.57.1fixed 2.38.3-150200.57.1
The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory
- CVE-2022-32912Sep 20, 2022affected < 2.38.6-150200.72.1fixed 2.38.6-150200.72.1
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2022-32886Sep 20, 2022affected < 2.38.6-150200.72.1fixed 2.38.6-150200.72.1
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2022-0108Feb 11, 2022affected < 2.38.6-150200.72.1fixed 2.38.6-150200.72.1
Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
- affected < 2.42.5-150200.104.1fixed 2.42.5-150200.104.1
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related
Page 7 of 7