Debian: DSA-4877-1 Critical: Webkit2gtk Code Execution Threats
debian
March 27, 2021
The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2020-27918
Summary
CVE-2020-27918
Liu Long discovered that processing maliciously crafted web
content may lead to arbitrary code execution.
CVE-2020-29623
Simon Hunt discovered that users may be unable to fully delete
their browsing history under some circumstances.
CVE-2021-1765
Eliya Stein discovered that maliciously crafted web content may
violate iframe sandboxing policy.
CVE-2021-1789
@S0rryMybad discovered that processing maliciously crafted web
content may lead to arbitrary code execution.
CVE-2021-1799
Gregory Vishnepolsky, Ben Seri and Samy Kamkar discovered that a
malicious website may be able to access restricted ports on
arbitrary servers.
CVE-2021-1801
Eliya Stein discovered that processing maliciously crafted web
content may lead to arbitrary code execution.
CVE-2021-1870
An anonymous researcher discovered that processing maliciously
crafted web content may lead to arbitrary code execution.
For the stable distribution (buster), these problems have be...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: webkit2gtk
CVE ID: CVE-2020-27918 CVE-2020-29623 CVE-2021-1765 CVE-2021-1789
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!