CVE-2022-32816 Affecting webkit2gtk package, versions <2.36.6-1~deb11u1


0.0
medium
  • Attack Complexity

    Low

  • User Interaction

    Required

  • Integrity

    High

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • snyk-id

    SNYK-DEBIAN11-WEBKIT2GTK-2976436

  • published

    8 Aug 2022

  • disclosed

    23 Sep 2022

How to fix?

Upgrade Debian:11 webkit2gtk to version 2.36.6-1~deb11u1 or higher.

NVD Description

Note: Versions mentioned in the description apply to the upstream webkit2gtk package. See How to fix? for Debian:11 relevant versions.

The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing.

References