--- vuln2.xml Fri Jul 10 14:36:07 2020 +++ vuln.xml Fri Jul 10 14:47:46 2020 @@ -60,0 +61,42 @@ + + webkit2-gtk3 -- multible vulnerabilities + + + webkit2-gtk3 + 2.28.3 + + + + +

The WebKitGTK project reports vulnerabilities:

+
+
CVE-2020-9802: Processing maliciously crafted web content may lead to arbitrary code execution.
+
CVE-2020-9803: Processing maliciously crafted web content may lead to arbitrary code execution.
+
CVE-2020-9805: Processing maliciously crafted web content may lead to universal cross site scripting.
+
CVE-2020-9806: Processing maliciously crafted web content may lead to arbitrary code execution.
+
CVE-2020-9807: Processing maliciously crafted web content may lead to arbitrary code execution.
+
CVE-2020-9843: Processing maliciously crafted web content may lead to a cross site scripting attack.
+
CVE-2020-9850: A remote attacker may be able to cause arbitrary code execution.
+
CVE-2020-13753: CLONE_NEWUSER could potentially be used to confuse xdg- desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal’s input buffer.
+
+

+ + + + https://webkitgtk.org/security/WSA-2020-0006.html + CVE-2020-9802 + CVE-2020-9803 + CVE-2020-9805 + CVE-2020-9806 + CVE-2020-9807 + CVE-2020-9843 + CVE-2020-9850 + CVE-2020-13753 + + + 2020-07-10 + 2020-07-10 + + +