The following vulnerabilities have been discovered in the WPE WebKit web engine: CVE-2022-42852 hazbinhotel discovered that processing maliciously crafted web content may result in the disclosure of process memory. CVE-2022-42856 Clement Lecigne discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-42867 Maddie Stone discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-46692 KirtiKumar Anandrao Ramchandani discovered that processing maliciously crafted web content may bypass Same Origin Policy. CVE-2022-46698 Dohyun Lee and Ryan Shin discovered that processing maliciously crafted web content may disclose sensitive user information. CVE-2022-46699 Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-46700 Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution. For the stable distribution (bullseye), these problems have been fixed in version 2.38.3-1~deb11u1. We recommend that you upgrade your wpewebkit packages. For the detailed security status of wpewebkit please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wpewebkit
The following vulnerabilities have been discovered in the WPE WebKit web engine:
hazbinhotel discovered that processing maliciously crafted web content may result in the disclosure of process memory.
Clement Lecigne discovered that processing maliciously crafted web content may lead to arbitrary code execution.
Maddie Stone discovered that processing maliciously crafted web content may lead to arbitrary code execution.
KirtiKumar Anandrao Ramchandani discovered that processing maliciously crafted web content may bypass Same Origin Policy.
Dohyun Lee and Ryan Shin discovered that processing maliciously crafted web content may disclose sensitive user information.
Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution.
Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution.
For the stable distribution (bullseye), these problems have been fixed in version 2.38.3-1~deb11u1.
We recommend that you upgrade your wpewebkit packages.
For the detailed security status of wpewebkit please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wpewebkit