rpm package
suse/webkit2gtk3&distro=SUSE Linux Enterprise Workstation Extension 12 SP4
pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4
Vulnerabilities (149)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-6251 | Hig | 8.1 | < 2.24.1-2.41.5 | 2.24.1-2.41.5 | Jan 14, 2019 | WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. | |
| CVE-2018-4278 | Med | 4.3 | < 2.22.4-2.29.3 | 2.22.4-2.29.3 | Jan 11, 2019 | In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. | |
| CVE-2018-4262 | Hig | 8.8 | < 2.22.4-2.29.3 | 2.22.4-2.29.3 | Jan 11, 2019 | In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling. | |
| CVE-2018-4213 | Hig | 8.8 | < 2.22.4-2.29.3 | 2.22.4-2.29.3 | Jan 11, 2019 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | |
| CVE-2018-4212 | Hig | 8.8 | < 2.22.4-2.29.3 | 2.22.4-2.29.3 | Jan 11, 2019 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | |
| CVE-2018-4210 | Hig | 8.8 | < 2.22.4-2.29.3 | 2.22.4-2.29.3 | Jan 11, 2019 | In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks. | |
| CVE-2018-4209 | Hig | 8.8 | < 2.22.4-2.29.3 | 2.22.4-2.29.3 | Jan 11, 2019 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | |
| CVE-2018-4208 | Hig | 8.8 | < 2.22.4-2.29.3 | 2.22.4-2.29.3 | Jan 11, 2019 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | |
| CVE-2018-4207 | Hig | 8.8 | < 2.22.4-2.29.3 | 2.22.4-2.29.3 | Jan 11, 2019 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. |
- affected < 2.24.1-2.41.5fixed 2.24.1-2.41.5
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge.
- affected < 2.22.4-2.29.3fixed 2.22.4-2.29.3
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
- affected < 2.22.4-2.29.3fixed 2.22.4-2.29.3
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.
- affected < 2.22.4-2.29.3fixed 2.22.4-2.29.3
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
- affected < 2.22.4-2.29.3fixed 2.22.4-2.29.3
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
- affected < 2.22.4-2.29.3fixed 2.22.4-2.29.3
In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.
- affected < 2.22.4-2.29.3fixed 2.22.4-2.29.3
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
- affected < 2.22.4-2.29.3fixed 2.22.4-2.29.3
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
- affected < 2.22.4-2.29.3fixed 2.22.4-2.29.3
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
Page 8 of 8