Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Debian: DSA-4724-1 Critical Webkit2gtk Code Execution Advisory

debian
Calendar Grey July 15, 2020
Debian Logo
Debian DSA-4724-1 recommends immediate updates to webkit2gtk for addressing severe vulnerabilities related to code execution and scripting risks.
The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2020-9802

Summary

The following vulnerabilities have been discovered in the webkit2gtk
web engine:

CVE-2020-9802

Samuel Gross discovered that processing maliciously crafted web
content may lead to arbitrary code execution.

CVE-2020-9803

Wen Xu discovered that processing maliciously crafted web content
may lead to arbitrary code execution.

CVE-2020-9805

An anonymous researcher discovered that processing maliciously
crafted web content may lead to universal cross site scripting.

CVE-2020-9806

Wen Xu discovered that processing maliciously crafted web content
may lead to arbitrary code execution.

CVE-2020-9807

Wen Xu discovered that processing maliciously crafted web content
may lead to arbitrary code execution.

CVE-2020-9843

Ryan Pickren discovered that processing maliciously crafted web
content may lead to a cross site scripting attack.

CVE-2020-9850

@jinmo123, @setuid0x0_, and @insu_yun_en discovered that a remote
attacker may be able to cause arbitrary code execution.

...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: webkit2gtk
CVE ID: CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here