Vulnerabilities > Webkitgtk > Webkitgtk > 1.5.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-28 | CVE-2022-2294 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2022-05-06 | CVE-2022-30293 | Out-of-bounds Write vulnerability in multiple products In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp. | 7.5 |
2021-12-25 | CVE-2021-45481 | Memory Leak vulnerability in Webkitgtk In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889. | 4.3 |
2021-12-25 | CVE-2021-45482 | Use After Free vulnerability in Webkitgtk In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889. | 4.3 |
2021-12-25 | CVE-2021-45483 | Use After Free vulnerability in Webkitgtk In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. | 4.3 |
2021-10-20 | CVE-2021-42762 | BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into thinking the sandboxed process is not confined by the sandbox, by abusing VFS syscalls that manipulate its filesystem namespace. | 5.3 |
2021-04-02 | CVE-2021-1870 | A logic issue was addressed with improved restrictions. | 9.8 |
2021-04-02 | CVE-2021-1801 | This issue was addressed with improved iframe sandbox enforcement. | 6.5 |
2021-04-02 | CVE-2021-1799 | A port redirection issue was addressed with additional port validation. | 6.5 |
2021-04-02 | CVE-2021-1789 | Type Confusion vulnerability in multiple products A type confusion issue was addressed with improved state handling. | 8.8 |