Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webkitgtk\+
(Webkitgtk)Repositories | https://github.com/WebKit/webkit |
#Vulnerabilities | 64 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-01-11 | CVE-2018-4208 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | Icloud, Iphone_os, Itunes, Safari, Tvos, Watchos, Ubuntu_linux, Webkitgtk\+ | 8.8 | ||
2019-01-11 | CVE-2018-4210 | In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks. | Iphone_os, Itunes, Safari, Tvos, Watchos, Ubuntu_linux, Webkitgtk\+ | 8.8 | ||
2019-01-11 | CVE-2018-4212 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | Icloud, Iphone_os, Itunes, Safari, Tvos, Watchos, Ubuntu_linux, Webkitgtk\+ | 8.8 | ||
2019-01-11 | CVE-2018-4213 | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | Icloud, Iphone_os, Itunes, Safari, Tvos, Watchos, Ubuntu_linux, Webkitgtk\+ | 8.8 | ||
2019-12-18 | CVE-2019-8625 | A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. | Icloud, Itunes, Webkitgtk\+ | 6.1 | ||
2019-12-18 | CVE-2019-8719 | A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. | Icloud, Itunes, Webkitgtk\+ | 6.1 | ||
2019-12-18 | CVE-2019-8764 | A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. | Watchos, Webkitgtk\+ | 6.1 | ||
2019-12-18 | CVE-2019-8813 | A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. | Icloud, Ipados, Iphone_os, Itunes, Safari, Tvos, Webkitgtk\+ | 6.1 | ||
2018-06-19 | CVE-2018-12293 | The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which could be abused by crafted HTML content. | Ubuntu_linux, Webkitgtk\+, Wpe_webkit | 8.8 | ||
2018-04-03 | CVE-2018-4162 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | Icloud, Iphone_os, Itunes, Safari, Tvos, Watchos, Ubuntu_linux, Webkitgtk\+ | 8.8 |