Vulnerabilities > Webkitgtk > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-12-25 CVE-2021-45482 Use After Free vulnerability in Webkitgtk
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.
network
low complexity
webkitgtk CWE-416
6.5
6.5
2021-12-25 CVE-2021-45483 Use After Free vulnerability in Webkitgtk
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
network
low complexity
webkitgtk CWE-416
6.5
6.5
2021-10-20 CVE-2021-42762 BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace.
local
low complexity
webkitgtk wpewebkit fedoraproject debian
5.3
5.3
2021-04-02 CVE-2021-1801 This issue was addressed with improved iframe sandbox enforcement.
network
low complexity
apple fedoraproject webkitgtk
6.5
6.5
2021-04-02 CVE-2021-1799 A port redirection issue was addressed with additional port validation.
network
low complexity
apple fedoraproject webkitgtk
6.5
6.5
2021-04-02 CVE-2021-1765 This issue was addressed with improved iframe sandbox enforcement.
network
low complexity
apple fedoraproject webkitgtk
6.5
6.5
2020-02-27 CVE-2020-3867 Cross-site Scripting vulnerability in multiple products
A logic issue was addressed with improved state management.
network
low complexity
apple opensuse webkitgtk CWE-79
6.1
6.1
2020-02-17 CVE-2013-7324 Injection vulnerability in Webkitgtk
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript.
network
low complexity
webkitgtk CWE-74
5.3
5.3
2019-12-18 CVE-2019-8813 Cross-site Scripting vulnerability in multiple products
A logic issue was addressed with improved state management.
network
low complexity
apple webkitgtk CWE-79
6.1
6.1
2019-12-18 CVE-2019-8764 Cross-site Scripting vulnerability in multiple products
A logic issue was addressed with improved state management.
network
low complexity
apple webkitgtk CWE-79
6.1
6.1