Vulnerabilities > Webkitgtk > Webkitgtk > 1.1.18
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-02 | CVE-2021-1765 | This issue was addressed with improved iframe sandbox enforcement. | 6.5 |
| 2021-04-02 | CVE-2020-29623 | "Clear History and Website Data" did not clear the history. | 3.3 |
| 2020-12-08 | CVE-2020-27918 | Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. | 7.8 |
| 2020-07-14 | CVE-2020-13753 | Improper Input Validation vulnerability in multiple products The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. | 10.0 |
| 2020-04-17 | CVE-2020-11793 | Use After Free vulnerability in multiple products A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). | 8.8 |
| 2020-03-02 | CVE-2020-10018 | Use After Free vulnerability in multiple products WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. | 9.8 |
| 2020-02-27 | CVE-2020-3867 | Cross-site Scripting vulnerability in multiple products A logic issue was addressed with improved state management. | 4.3 |
| 2020-01-22 | CVE-2016-4761 | Use After Free vulnerability in multiple products WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS | 6.8 |
| 2019-12-18 | CVE-2019-8813 | Cross-site Scripting vulnerability in multiple products A logic issue was addressed with improved state management. | 6.1 |
| 2019-12-18 | CVE-2019-8764 | Cross-site Scripting vulnerability in multiple products A logic issue was addressed with improved state management. | 6.1 |