webkit2gtk: Multiple vulnerabilities (CVE-2019-8674, CVE-2019-8707, CVE-2019-8719, CVE-2019-8733, CVE-2019-8763)
CVE-2019-8674
- Processing maliciously crafted web content may lead to universal cross site scripting.
- A logic issue was addressed with improved state management.
- Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3.
CVE-2019-8707
- Processing maliciously crafted web content may lead to arbitrary code execution.
- Multiple memory corruption issues were addressed with improved memory handling.
- Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3.
CVE-2019-8719
- Processing maliciously crafted web content may lead to universal cross site scripting.
- A logic issue was addressed with improved state management.
- Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3.
CVE-2019-8733
- Processing maliciously crafted web content may lead to arbitrary code execution.
- Multiple memory corruption issues were addressed with improved memory handling.
- Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3.
CVE-2019-8763
- Processing maliciously crafted web content may lead to arbitrary code execution.
- Multiple memory corruption issues were addressed with improved memory handling.
- Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before 2.24.3.
References:
https://webkitgtk.org/security/WSA-2019-0005.html
Affected branches:
-
master (34be5373) -
3.10-stable