rpm package
suse/webkit2gtk3&distro=SUSE Manager Retail Branch Server 4.1
pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1
Vulnerabilities (89)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-13753 | — | < 2.34.3-23.3 | 2.34.3-23.3 | Jul 14, 2020 | The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to dire | ||
| CVE-2020-9802 | — | < 2.34.3-23.3 | 2.34.3-23.3 | Jun 9, 2020 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to | ||
| CVE-2020-9805 | — | < 2.34.3-23.3 | 2.34.3-23.3 | Jun 9, 2020 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to | ||
| CVE-2020-9803 | — | < 2.34.3-23.3 | 2.34.3-23.3 | Jun 9, 2020 | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content m | ||
| CVE-2020-3902 | — | < 2.34.3-23.3 | 2.34.3-23.3 | Apr 1, 2020 | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to | ||
| CVE-2019-8815 | — | < 2.34.3-23.3 | 2.34.3-23.3 | Dec 18, 2019 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may | ||
| CVE-2019-8808 | — | < 2.34.3-23.3 | 2.34.3-23.3 | Dec 18, 2019 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. | ||
| CVE-2019-8782 | — | < 2.34.3-23.3 | 2.34.3-23.3 | Dec 18, 2019 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code ex | ||
| CVE-2019-8766 | — | < 2.34.3-23.3 | 2.34.3-23.3 | Dec 18, 2019 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. |
- CVE-2020-13753Jul 14, 2020affected < 2.34.3-23.3fixed 2.34.3-23.3
The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to dire
- CVE-2020-9802Jun 9, 2020affected < 2.34.3-23.3fixed 2.34.3-23.3
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to
- CVE-2020-9805Jun 9, 2020affected < 2.34.3-23.3fixed 2.34.3-23.3
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to
- CVE-2020-9803Jun 9, 2020affected < 2.34.3-23.3fixed 2.34.3-23.3
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content m
- CVE-2020-3902Apr 1, 2020affected < 2.34.3-23.3fixed 2.34.3-23.3
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to
- CVE-2019-8815Dec 18, 2019affected < 2.34.3-23.3fixed 2.34.3-23.3
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may
- CVE-2019-8808Dec 18, 2019affected < 2.34.3-23.3fixed 2.34.3-23.3
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2019-8782Dec 18, 2019affected < 2.34.3-23.3fixed 2.34.3-23.3
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code ex
- CVE-2019-8766Dec 18, 2019affected < 2.34.3-23.3fixed 2.34.3-23.3
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.
Page 5 of 5