BDU:2019-02101

Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (7.5) Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

CVE-2019-8595

Published: 2019-05-20

BDU:2019-02102

Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю раскрыть содержимое памяти процессов

Severity: HIGH (7.5) Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

CVE-2019-8607

Published: 2019-05-20

BDU:2019-02103

Severity: MEDIUM (5.9) Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References:

CVE-2019-8615

Published: 2019-12-18
Modified: 2024-11-21

CVE-2019-8595

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Published: 2019-12-18
Modified: 2024-11-21

CVE-2019-8607

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References:

Published: 2019-12-18
Modified: 2024-11-21

CVE-2019-8615

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References:

Version: 2.1.0

Package libwebkitgtk4 update in sisyphus on 2019-05-24

ALT-PU-2019-1907-1

Closed vulnerabilities

BDU:2019-02101

BDU:2019-02102

BDU:2019-02103

CVE-2019-8595

CVE-2019-8607

CVE-2019-8615