CVE-2022-32816 Affecting webkit2gtk package, versions <2.36.6-1



    Attack Complexity Low
    User Interaction Required
    Integrity High
Expand this section
5.3 medium
Expand this section
6.5 medium

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-DEBIAN12-WEBKIT2GTK-2976433
  • published 8 Aug 2022
  • disclosed 23 Sep 2022

How to fix?

Upgrade Debian:12 webkit2gtk to version 2.36.6-1 or higher.

NVD Description

Note: Versions mentioned in the description apply to the upstream webkit2gtk package. See How to fix? for Debian:12 relevant versions.

The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a website that frames malicious content may lead to UI spoofing.