Vulnerabilities > Webkitgtk > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-30 CVE-2023-42916 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read was addressed with improved input validation.
network
low complexity
apple fedoraproject debian webkitgtk CWE-125
6.5
6.5
2023-09-06 CVE-2023-32370 A logic issue was addressed with improved validation.
network
low complexity
apple wpewebkit webkitgtk
5.3
5.3
2023-06-23 CVE-2023-28204 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read was addressed with improved input validation.
network
low complexity
apple webkitgtk CWE-125
6.5
6.5
2021-12-25 CVE-2021-45481 Memory Leak vulnerability in Webkitgtk
In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.
network
webkitgtk CWE-401
4.3
4.3
2021-12-25 CVE-2021-45482 Use After Free vulnerability in Webkitgtk
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.
network
webkitgtk CWE-416
4.3
4.3
2021-12-25 CVE-2021-45483 Use After Free vulnerability in Webkitgtk
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
network
webkitgtk CWE-416
4.3
4.3
2021-10-20 CVE-2021-42762 BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace.
local
low complexity
webkitgtk wpewebkit fedoraproject debian
5.3
5.3
2021-04-02 CVE-2021-1801 This issue was addressed with improved iframe sandbox enforcement.
network
low complexity
apple fedoraproject webkitgtk
6.5
6.5
2021-04-02 CVE-2021-1799 A port redirection issue was addressed with additional port validation.
network
low complexity
apple fedoraproject webkitgtk
6.5
6.5
2021-04-02 CVE-2021-1765 This issue was addressed with improved iframe sandbox enforcement.
network
low complexity
apple fedoraproject webkitgtk
6.5
6.5