Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Debian: DSA-5468-1 Critical: WebKitGTK Code Execution Threat

debian
Calendar Grey August 5, 2023
Debian Logo
Debian DSA-5469-2 deals with various vulnerabilities in the Linux kernel that pose security threats. It is advisable to perform an upgrade to reduce risks.
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-38133

Summary

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

CVE-2023-38133

YeongHyeon Choi discovered that processing web content may
disclose sensitive information.

CVE-2023-38572

Narendra Bhati discovered that a website may be able to bypass the
Same Origin Policy.

CVE-2023-38592

Narendra Bhati, Valentino Dalla Valle, Pedro Bernardo, Marco
Squarcina, and Lorenzo Veronese discovered that processing web
content may lead to arbitrary code execution.

CVE-2023-38594

Yuhao Hu discovered that processing web content may lead to
arbitrary code execution.

CVE-2023-38595

An anonymous researcher, Jiming Wang, and Jikai Ren discovered
that processing web content may lead to arbitrary code execution.

CVE-2023-38597

Junsung Lee discovered that processing web content may lead to
arbitrary code execution.

CVE-2023-38599

Hritvik Taneja, Jason Kim, Jie Jeff Xu, Stephan van Schaik, Daniel
Genkin, and Yuval Yarom discovered that a website may be...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: webkit2gtk
CVE ID: CVE-2023-38133 CVE-2023-38572 CVE-2023-38592 CVE-2023-38594

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here