The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42852 hazbinhotel discovered that processing maliciously crafted web content may result in the disclosure of process memory. CVE-2022-42856 Clement Lecigne discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-42867 Maddie Stone discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-46692 KirtiKumar Anandrao Ramchandani discovered that processing maliciously crafted web content may bypass Same Origin Policy. CVE-2022-46698 Dohyun Lee and Ryan Shin discovered that processing maliciously crafted web content may disclose sensitive user information. CVE-2022-46699 Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-46700 Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution. For the stable distribution (bullseye), these problems have been fixed in version 2.38.3-1~deb11u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/webkit2gtk
The following vulnerabilities have been discovered in the WebKitGTK web engine:
hazbinhotel discovered that processing maliciously crafted web content may result in the disclosure of process memory.
Clement Lecigne discovered that processing maliciously crafted web content may lead to arbitrary code execution.
Maddie Stone discovered that processing maliciously crafted web content may lead to arbitrary code execution.
KirtiKumar Anandrao Ramchandani discovered that processing maliciously crafted web content may bypass Same Origin Policy.
Dohyun Lee and Ryan Shin discovered that processing maliciously crafted web content may disclose sensitive user information.
Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution.
Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution.
For the stable distribution (bullseye), these problems have been fixed in version 2.38.3-1~deb11u1.
We recommend that you upgrade your webkit2gtk packages.
For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/webkit2gtk