Upgrade AlmaLinux:9 keylime-registrar to version 0:6.5.2-6.el9_2.alma.1 or higher. This issue was patched in ALSA-2023:5080 .

https://webkitgtk.org|webkitgtk vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the https://webkitgtk.org|webkitgtk package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Access of Resource Using Incompatible Type ('Type Confusion')	[,2.46.5)
H Denial of Service (DoS)	[,2.46.5)
H Out-of-bounds Read	[,2.46.5)
M Out-of-bounds Write	[,2.46.0)
M Improper Resource Shutdown or Release	[,2.46.5)
M Cross-site Scripting (XSS)	[0,)
C Arbitrary Code Injection	[0,)
L Improperly Implemented Security Check for Standard	[,2.46.3)
H Access of Memory Location After End of Buffer	[,2.46.0)
H Origin Validation Error	[0,)
M Information Exposure	[,2.45.3)
C Cross-site Scripting (XSS)	[,2.45.1)
C Arbitrary Code Injection	[,2.45.3)
M Information Exposure	[,2.45.3)
H User Interface (UI) Misrepresentation of Critical Information	[0,)
M Information Exposure	[,2.45.3)
C Out-of-bounds Write	[,2.45.3)
C Arbitrary Code Injection	[,2.45.3)
C Code Injection	[,2.45.3)
C Origin Validation Error	[,2.43.4)
C Cross-site Request Forgery (CSRF)	[,2.45.4)
M Out-of-bounds Read	[0,)
M Out-of-bounds Read	[0,)
H Use After Free	[,2.45.3)
M Out-of-bounds Read	[0,)
M Improper Authentication	[,2.44.2)
H Use After Free	[,2.44.0)
M Resource Exhaustion	[,2.44.0)
M User Interface (UI) Misrepresentation of Critical Information	[,2.44.0)
H Use After Free	[,2.42.0)
H Code Injection	[,2.38.0)
H Code Injection	[,2.42.5)
H Use After Free	[,2.42.1)
M Information Exposure	[,2.42.5)
H Type Confusion	[0,)
M Improper Restriction of Operations within the Bounds of a Memory Buffer	[,7617.1.4)
H Arbitrary Code Execution	[,2.42.3)
M Out-of-bounds Read	[,2.42.3)
M Cross-site Scripting (XSS)	[,2.40.5)
H Improper Control of Generation of Code ('Code Injection')	[,2.42.0)
H Use After Free	[,2.42.0)
H Use After Free	[,2.40.5)
H Remote Code Execution (RCE)	[,2.40.0)
H Arbitrary Code Injection	[0,)
M Information Exposure	[,2.40.5)
H Out-of-Bounds	[,2.40.5)
M Information Exposure	[,2.40.5)
H Out-of-Bounds	[,2.40.5)
H Out-of-Bounds	[,2.40.5)
H Out-of-Bounds	[,2.40.5)
H Out-of-Bounds	[,2.40.5)
H Permissive Cross-domain Policy with Untrusted Domains	[,2.40.5)
H Out-of-Bounds	[,2.40.5)
H Arbitrary Code Execution	[,2.40.0)
H Arbitrary Code Execution	[,2.38.0)
C Arbitrary Code Execution	[,2.39.90)
C Arbitrary Code Execution	[,2.41.4)
C Use After Free	[0,)
H Out-of-bounds Read	[0,)
C Sandbox Bypass	[,2.41.2)
H Use After Free	[0,)
H Use After Free	[0,)
H Out-of-Bounds	[,2.26.0)
H Use After Free	[,2.36.8)
H Use After Free	[,2.36.8)
H Use After Free	[,2.36.8)
H Use After Free	[,2.36.8)
H Use After Free	[,2.36.8)
H Out-of-Bounds	[,2.38.5)
H Use After Free	[,2.38.4)
H Use After Free	[,2.38.4)
H Use After Free	[,2.38.4)
H Out-of-bounds Write	[,2.38.3)
M Information Exposure	[,2.38.3)
H Out-of-bounds Write	[,2.38.1)
H Use After Free	[,2.38.3)
H Out-of-bounds Write	[,2.38.0)
M Information Exposure	[,2.38.3)
H Out-of-bounds Write	[,2.38.3)
M Information Exposure	[,2.38.3)
H Arbitrary Code Execution	[,2.38.2)
M Information Exposure	[,2.38.2)
M Authentication Bypass	[,2.38.2)
H Out-of-bounds Write	[,2.38.0)
M Information Exposure	[,2.38.0)
H Out-of-Bounds	[,2.36.8)
C Out-of-bounds Read	[,2.36.8)
H Buffer Overflow	[,2.36.5)
C Out-of-bounds Write	[,2.36.7)
H Use After Free	[,2.36.4)
L Denial of Service (DoS)	[,2.36.4)
M Information Exposure	[,2.36.0)
M Denial of Service (DoS)	[,2.36.3)
M Denial of Service (DoS)	[,2.36.3)
M Use After Free	[,2.36.3)
M Use After Free	[,2.36.3)
M Denial of Service (DoS)	[,2.36.3)
H Heap-based Buffer Overflow	[0,)
M Permissive Cross-domain Policy with Untrusted Domains	[,2.34.4)
H Use After Free	[,2.36.0)
H Buffer Overflow	[,2.36.0)
H Use After Free	[,2.36.0)
M Improper Input Validation	[,2.16.3)
H Improper Input Validation	[,1.2.6)
M Arbitrary Code Injection	(2.0.0,2.27.1)
H Out-of-bounds Write	[,1.2.6)
H Out-of-Bounds	[,2.20.4)
H Out-of-Bounds	[,2.20.4)
C Out-of-Bounds	[,1.2.6)
H Out-of-Bounds	[,2.12.1)
H Improper Data Handling	[,2.21.4)
H Out-of-Bounds	[,2.10.5)
H Out-of-Bounds	[,2.10.5)
H Out-of-Bounds	[,2.20.4)
H Improper Validation of Array Index	[,2.22.0)
M Authentication Bypass	[,1.2.6)
H Out-of-Bounds	[,2.20.4)
H Out-of-Bounds	[,2.12.1)
C Out-of-Bounds	[,1.2.5)
M Information Exposure	[,2.16.3)
H Use After Free	[,2.16.3)
H Improper Input Validation	[,2.22.0)
H Out-of-Bounds	[,2.10.5)
H Out-of-bounds Write	[,2.20.3)
H Improper Input Validation	[,1.2.6)[7.0.517.0,7.0.517.44)
H Out-of-Bounds	[,2.12.3)
M Improper Input Validation	[,2.30.6)
M Improper Input Validation	[,2.30.6)
H Out-of-Bounds	[,2.20.4)
H Out-of-Bounds	[,2.20.4)
H Out-of-Bounds	[,2.16.3)
H Out-of-Bounds	[,2.20.4)
C CVE-2010-3114	[,1.2.6)
M Out-of-Bounds	[,1.2.6)
M Out-of-Bounds	[,2.20.4)
M Resource Management Errors	[,1.2.6)
L CVE-2020-29623	[,2.30.6)
H Improper Input Validation	[,2.22.0)
C Out-of-bounds Write	[0,)
H Use After Free	[0,2.32.3)
H Improper Input Validation	[,2.27.1)
H Out-of-bounds Write	[,2.22.6)
H Out-of-Bounds	[,2.20.4)
H Out-of-Bounds	[,2.20.4)
H Use After Free	[,2.14.0)
M Information Exposure	[,2.12.0)
L Race Condition	[,2.12.2)
H Use After Free	[,2.20.2)
C Arbitrary Code Execution	[,2.30.6)
M Out-of-bounds Read	[,1.2.6)
H Use After Free	[0,2.30.3)
H Improper Input Validation	[,2.22.0)
H Out-of-Bounds	[,1.2.6)
H Use After Free	[0,2.32.3)
H Out-of-Bounds	[,2.20.4)
M Information Exposure	[,1.2.6)
H Use After Free	[,1.2.6)
H Use After Free	[0,2.30.5)
H Out-of-Bounds	[,2.16.3)
H Type Confusion	[,2.30.6)
H Improper Certificate Validation	[,2.6.6)
H Denial of Service (DoS)	[,2.22.1)
M Information Exposure	[,2.16.3)
H Out-of-Bounds	[,2.20.4)
C Improper Input Validation	[,2.28.3)
M Information Exposure	[,2.20.4)
H Improper Input Validation	[,2.22.0)
H Use After Free	[,2.28.1)
H Out-of-Bounds	[,2.16.3)
C Use After Free	[,1.2.6)
M Cross-site Scripting (XSS)	[,2.20.4)
C Use After Free	[,1.2.6)
H Out-of-Bounds	[,2.16.3)
M Information Exposure	[,2.16.3)
C Integer Overflow or Wraparound	[,2.16.3)
H Out-of-Bounds	[,2.20.4)
H Improper Certificate Validation	[0,)
M Improper Data Handling	[,2.24.1)
C Denial of Service (DoS)	[,1.2.6)
H Out-of-Bounds	[,2.16.3)
H Out-of-Bounds	[,2.12.1)
M Resource Management Errors	[,1.2.6)
C Out-of-Bounds	[,2.22.6][2.22.6,2.23.91)
H Use After Free	[0,2.30.3)
H Out-of-Bounds	[,2.20.4)
M Improper Input Validation	[,2.30.6)
M Improper Input Validation	[,2.20.4)
M Denial of Service (DoS)	[,2.10.5)
H Improper Input Validation	[,2.24.1)
M Security Features	[,2.20.0)

Vulnerability

Vulnerable Version

Access of Resource Using Incompatible Type ('Type Confusion')

[,2.46.5)

Denial of Service (DoS)

[,2.46.5)

Out-of-bounds Read

[,2.46.5)

Out-of-bounds Write

[,2.46.0)

Improper Resource Shutdown or Release

[,2.46.5)