webkitgtk4 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the webkitgtk4 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Out-of-Bounds

*
  • M
Information Exposure

*
  • H
Out-of-Bounds

*
  • M
Origin Validation Error

*
  • M
Overly Permissive Cross-domain Whitelist

*
  • H
Out-of-Bounds

*
  • H
Out-of-Bounds

*
  • M
CVE-2024-40866

*
  • M
Cross-site Scripting (XSS)

*
  • M
Out-of-bounds Read

*
  • M
Use After Free

*
  • M
Out-of-bounds Read

*
  • M
Out-of-bounds Read

*
  • M
Use After Free

*
  • H
Improper Authorization

*
  • H
Use After Free

*
  • M
Authentication Bypass

*
  • M
CVE-2023-42956

*
  • M
Out-of-Bounds

*
  • M
CVE-2023-32359

*
  • M
Improper Enforcement of Behavioral Workflow

*
  • H
Out-of-Bounds

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Arbitrary Code Injection

*
  • M
CVE-2024-23263

*
  • M
CVE-2024-23254

*
  • M
CVE-2024-23252

*
  • M
CVE-2024-23284

*
  • H
CVE-2023-42833

*
  • H
CVE-2024-23213

*
  • H
CVE-2024-23226

*
  • H
Use After Free

*
  • M
Resource Exhaustion

*
  • M
CVE-2024-23206

*
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Out-of-Bounds

*
  • M
Out-of-Bounds

*
  • H
Out-of-bounds Write

*
  • M
Improper Input Validation

*
  • M
CVE-2023-40451

*
  • M
CVE-2023-41074

*
  • M
Use After Free

*
  • M
Use After Free

*
  • M
CVE-2023-35074

*
  • M
Improper Check for Unusual or Exceptional Conditions

*
  • M
Static Code Injection

*
  • M
CVE-2023-32370

*
  • M
Use After Free

*
  • M
CVE-2022-32816

*
  • M
Out-of-bounds Write

*
  • M
Overly Permissive Cross-domain Whitelist

*
  • M
Information Exposure

*
  • M
Improper Input Validation

*
  • M
Information Exposure

*
  • H
Out-of-Bounds

*
  • H
Out-of-Bounds

*
  • H
Out-of-Bounds

*
  • H
Overly Permissive Cross-domain Whitelist

*
  • H
Out-of-Bounds

*
  • H
Out-of-Bounds

*
  • H
Out-of-Bounds

*
  • M
Information Exposure

*
  • H
Out-of-Bounds

*
  • H
Arbitrary Code Injection

*
  • H
Arbitrary Code Injection

*
  • H
Arbitrary Code Injection

*
  • H
Arbitrary Code Injection

*
  • H
Use After Free

*
  • M
Improper Input Validation

*
  • H
Use After Free

*
  • M
Arbitrary Code Injection

*
  • M
Arbitrary Code Injection

*
  • M
Arbitrary Code Injection

*
  • M
Arbitrary Code Injection

*
  • M
Arbitrary Code Injection

*
  • H
Out-of-Bounds

*
  • H
Out-of-Bounds

*
  • H
Out-of-Bounds

*
  • H
Use After Free

*
  • M
Information Exposure

*
  • M
Out-of-bounds Write

*
  • M
CVE-2022-46692

*
  • M
Out-of-bounds Write

*
  • M
Out-of-bounds Write

*
  • M
Out-of-bounds Write

*
  • M
CVE-2022-42852

*
  • M
Use After Free

*
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
CVE-2022-42824

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Out-of-Bounds

*
  • M
Out-of-bounds Write

*
  • M
Buffer Overflow

*
  • M
Out-of-bounds Read

*
  • M
Out-of-Bounds

*
  • M
Improper Input Validation

*
  • M
Use After Free

*
  • M
Information Exposure

*
  • M
Use After Free

*
  • M
Use After Free

*
  • M
Improper Use of Validation Framework

*
  • M
Improper Use of Validation Framework

*
  • M
Improper Use of Validation Framework

*
  • M
Use After Free

*
  • M
CVE-2022-22637

*
  • M
Use After Free

*
  • M
Buffer Overflow

*
  • M
Improper Restriction of Rendered UI Layers or Frames

*
  • M
Use After Free

*
  • M
Improper Use of Validation Framework

*
  • M
Origin Validation Error

*
  • M
Use After Free

*
  • M
Race Condition

*
  • M
Use After Free

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Out-of-bounds Read

*
  • M
Integer Overflow or Wraparound

*
  • M
Buffer Overflow

*
  • M
Memory Leak

*
  • M
Use After Free

*
  • M
Use After Free

*
  • M
Information Exposure

*
  • L
Information Exposure

*
  • M
Open Redirect

*
  • M
CVE-2021-30887

*
  • L
Out-of-bounds Read

*
  • M
CVE-2021-30823

*
  • M
Cross-site Scripting (XSS)

*
  • M
Buffer Overflow

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Use After Free

*
  • M
Out-of-bounds Write

*
  • M
Out-of-bounds Write

*
  • M
Out-of-bounds Write

*
  • M
Out-of-bounds Write

*
  • M
Use After Free

<0:2.28.2-3.el7
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Information Exposure

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Integer Overflow or Wraparound

*
  • M
Improper Input Validation

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Use After Free

*
  • M
Use After Free

*
  • M
Use After Free

*
  • M
Improper Input Validation

<0:2.28.2-2.el7
  • M
Improper Input Validation

<0:2.28.2-2.el7
  • M
Improper Input Validation

<0:2.28.2-2.el7
  • M
Buffer Overflow

<0:2.20.5-1.el7
  • M
Directory Traversal

<0:2.20.5-1.el7
  • M
Out-of-bounds Read

<0:2.20.5-1.el7
  • M
Stack-based Buffer Overflow

<0:2.20.5-1.el7
  • M
Out-of-bounds Read

<0:2.20.5-1.el7
  • M
NULL Pointer Dereference

<0:2.20.5-1.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Race Condition

<0:2.28.2-2.el7
  • M
Always-Incorrect Control Flow Implementation

<0:2.28.2-2.el7
  • M
Resource Exhaustion

<0:2.28.2-2.el7
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

<0:2.28.2-2.el7
  • M
Origin Validation Error

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Improper Enforcement of Behavioral Workflow

*
  • M
Resource Exhaustion

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

*
  • M
Arbitrary Command Injection

*
  • M
Improper Input Validation

*
  • M
Out-of-Bounds

*
  • M
Improper Enforcement of Behavioral Workflow

*
  • M
Use After Free

*
  • M
Improper Enforcement of Behavioral Workflow

*
  • M
Use After Free

*
  • M
Improper Access Control

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Out-of-Bounds

*
  • M
Out-of-Bounds

*
  • M
Improper Enforcement of Behavioral Workflow

*
  • M
Improper Input Validation

*
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.22.7-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Improper Restriction of Rendered UI Layers or Frames

<0:2.28.2-2.el7
  • M
Information Exposure

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.22.7-2.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Information Exposure

<0:2.22.7-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.22.7-2.el7
  • M
Improper Input Validation

*
  • M
Use After Free

*
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Information Exposure

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Integer Overflow or Wraparound

<0:2.28.2-2.el7
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Improper Validation of Array Index

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.22.7-2.el7
  • M
Arbitrary Code Injection

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.22.7-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Read

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Read

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Improper Input Validation

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Arbitrary Code Injection

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Information Exposure

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.20.5-1.el7
  • M
Out-of-Bounds

<0:2.20.5-1.el7
  • M
Out-of-Bounds

<0:2.20.5-1.el7
  • M
Out-of-bounds Read

<0:2.20.5-1.el7
  • M
Information Exposure

<0:2.20.5-1.el7
  • M
Out-of-bounds Read

<0:2.20.5-1.el7
  • M
Improper Certificate Validation

<0:2.20.5-1.el7
  • M
Out-of-Bounds

*
  • M
Buffer Overflow

<0:2.20.5-1.el7
  • M
Out-of-Bounds

*
  • M
Uncontrolled Recursion

<0:2.20.5-1.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Use After Free

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-bounds Write

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Out-of-Bounds

<0:2.28.2-2.el7
  • M
Cross-site Scripting (XSS)

<0:2.28.2-2.el7
  • M
Out-of-Bounds

*
  • M
Out-of-Bounds

*
  • M
Out-of-Bounds

*
  • M
Improper Input Validation

*
  • M
Use After Free

*
  • M
Out-of-Bounds

*
  • M
Improper Input Validation

*
  • M
Incorrect Authorization

*
  • M
Incorrect Authorization

*
  • M
Information Exposure

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Use After Free

*
  • L
Incomplete Cleanup

*
  • M
Use After Free

*
  • M
Use After Free

*