Vulnerabilities > Webkitgtk

DATE CVE VULNERABILITY TITLE RISK
2022-05-06 CVE-2022-30293 Out-of-bounds Write vulnerability in Webkitgtk
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.
network
high complexity
webkitgtk CWE-787
5.1
2022-05-06 CVE-2022-30294 Use After Free vulnerability in Webkitgtk
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.
network
low complexity
webkitgtk CWE-416
7.5
2021-12-25 CVE-2021-45481 Memory Leak vulnerability in Webkitgtk
In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.
network
webkitgtk CWE-401
4.3
2021-12-25 CVE-2021-45482 Use After Free vulnerability in Webkitgtk
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.
network
webkitgtk CWE-416
4.3
2021-12-25 CVE-2021-45483 Use After Free vulnerability in Webkitgtk
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
network
webkitgtk CWE-416
4.3
2021-10-20 CVE-2021-42762 BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace.
local
low complexity
webkitgtk wpewebkit fedoraproject debian
4.6
2021-07-08 CVE-2021-21779 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4.
6.8
2021-07-08 CVE-2021-21806 Use After Free vulnerability in Webkitgtk 2.30.3
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64.
network
webkitgtk CWE-416
6.8
2021-07-07 CVE-2021-21775 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4.
6.8
2021-04-02 CVE-2021-1870 A logic issue was addressed with improved restrictions.
network
low complexity
apple webkitgtk fedoraproject
7.5