Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2023:3108

Опубликовано: 18 мая 2023
Источник: rocky
Оценка: Important

Описание

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

  • WebKitGTK: Regression of CVE-2023-28205 fixes in the Rocky Linux (CVE-2023-2203)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
webkit2gtk3x86_641.el8_8.3webkit2gtk3-2.38.5-1.el8_8.3.x86_64.rpm
webkit2gtk3-develx86_641.el8_8.3webkit2gtk3-devel-2.38.5-1.el8_8.3.x86_64.rpm
webkit2gtk3-jscx86_641.el8_8.3webkit2gtk3-jsc-2.38.5-1.el8_8.3.x86_64.rpm
webkit2gtk3-jsc-develx86_641.el8_8.3webkit2gtk3-jsc-devel-2.38.5-1.el8_8.3.x86_64.rpm

Показывать по

Связанные CVE

CVE-2023-2203

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2023-2203

CVSS3: 8.8
ubuntu
около 2 лет назад

A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

redhat логотип

CVE-2023-2203

CVSS3: 8.8
redhat
больше 2 лет назад

A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

nvd логотип

CVE-2023-2203

CVSS3: 8.8
nvd
около 2 лет назад

A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

debian логотип

CVE-2023-2203

CVSS3: 8.8
debian
около 2 лет назад

A flaw was found in the WebKitGTK package. An improper input validatio ...

github логотип

GHSA-p2w5-xch3-v6pv

CVSS3: 8.8
github
около 2 лет назад

A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.