DSA-5823-1 webkit2gtk - security update - Cyber Security News

Read Time:31 Second

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

CVE-2024-44308

Clement Lecigne and Benoit Sevens discovered that processing
maliciously crafted web content may lead to arbitrary code
execution. Apple is aware of a report that this issue may have
been actively exploited on Intel-based Mac systems.

CVE-2024-44309

Clement Lecigne and Benoit Sevens discovered that processing
maliciously crafted web content may lead to a cross site scripting
attack. Apple is aware of a report that this issue may have been
actively exploited on Intel-based Mac systems.

https://security-tracker.debian.org/tracker/DSA-5823-1

More Stories

USN-7172-1: libvpx vulnerability

It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a...

December 18, 2024

USN-7176-1: GStreamer Good Plugins vulnerabilities

Antonio Morales discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker could use these issues to...

December 18, 2024

USN-7175-1: GStreamer Base Plugins vulnerabilities

Antonio Morales discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to...

December 18, 2024

USN-7174-1: GStreamer vulnerability

Antonio Morales discovered that GStreamer incorrectly handled allocating memory for certain buffers. An attacker could use this issue to cause...

December 18, 2024

USN-7171-1: PHPUnit vulnerability

It was discovered that PHPUnit incorrectly handled web requests if exposed to the internet. An attacker could possibly use this...

December 18, 2024

USN-7168-1: EditorConfig vulnerabilities

It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An attacker could possibly use...

December 18, 2024