Action not permitted
Modal body text goes here.
CVE-2022-22624
Vulnerability from cvelistv5
Published
2022-09-23 18:58
Modified
2024-08-03 03:21
Severity
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.
References
| Source | URL | Tags |
|---|---|---|
| product-security@apple.com | https://support.apple.com/en-us/HT213182 | Vendor Advisory |
| product-security@apple.com | https://support.apple.com/en-us/HT213183 | Vendor Advisory |
| product-security@apple.com | https://support.apple.com/en-us/HT213186 | Vendor Advisory |
| product-security@apple.com | https://support.apple.com/en-us/HT213187 | Vendor Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:21:48.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213182"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213183"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213186"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT213187"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-23T18:58:30",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213182"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213183"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213186"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT213187"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2022-22624",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.4"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.4"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.3"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.4"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT213182",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213182"
},
{
"name": "https://support.apple.com/en-us/HT213183",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213183"
},
{
"name": "https://support.apple.com/en-us/HT213186",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213186"
},
{
"name": "https://support.apple.com/en-us/HT213187",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213187"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2022-22624",
"datePublished": "2022-09-23T18:58:30",
"dateReserved": "2022-01-05T00:00:00",
"dateUpdated": "2024-08-03T03:21:48.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-22624\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2022-09-23T19:15:10.877\",\"lastModified\":\"2022-09-28T12:03:19.697\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.\"},{\"lang\":\"es\",\"value\":\"Se abord\u00f3 un problema de uso de memoria previamente liberada con una administraci\u00f3n de memoria mejorada. Este problema ha sido corregido en macOS Monterey versi\u00f3n 12.3, iOS versi\u00f3n 15.4 y iPadOS versi\u00f3n 15.4, tvOS versi\u00f3n 15.4, Safari versi\u00f3n 15.4. El procesamiento de contenido web dise\u00f1ado de forma maliciosa puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.4\",\"matchCriteriaId\":\"2B5E9A8F-FFF6-432A-9E8A-074B53B29507\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.4\",\"matchCriteriaId\":\"304F5E03-FD61-453E-B2C5-FC3A2E30E448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.4\",\"matchCriteriaId\":\"1E4C3F0C-E368-4F79-B42E-E5EB0FB5E767\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0\",\"versionEndExcluding\":\"12.3\",\"matchCriteriaId\":\"9C72309C-939F-4744-80DB-07C4452BDAFE\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/HT213182\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213183\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213186\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213187\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
ghsa-w76j-g6q7-46hq
Vulnerability from github
Published
2022-09-25 00:00
Modified
2022-09-29 00:00
Severity
Details
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.
{
"affected": [],
"aliases": [
"CVE-2022-22624"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-23T19:15:00Z",
"severity": "HIGH"
},
"details": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.",
"id": "GHSA-w76j-g6q7-46hq",
"modified": "2022-09-29T00:00:27Z",
"published": "2022-09-25T00:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213182"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213183"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213186"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213187"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
wid-sec-w-2022-2044
Vulnerability from csaf_certbund
Published
2022-11-08 23:00
Modified
2024-04-24 22:00
Summary
Red Hat Enterprise Linux: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-2044 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2044.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-2044 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2044"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7447"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7458"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7514"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7548"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7558"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7822"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7622"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7639"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8008 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8008"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7704 vom 2022-11-15",
"url": "https://linux.oracle.com/errata/ELSA-2022-7704.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8431 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8431"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7458 vom 2022-11-15",
"url": "https://linux.oracle.com/errata/ELSA-2022-7458.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7935 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:7935"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7950 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:7950"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8139 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8139"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8062 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8062"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8054 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8011 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8011"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-8054 vom 2022-11-22",
"url": "https://linux.oracle.com/errata/ELSA-2022-8054.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7822 vom 2022-11-24",
"url": "http://linux.oracle.com/errata/ELSA-2022-7822.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-8431 vom 2022-11-24",
"url": "http://linux.oracle.com/errata/ELSA-2022-8431.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-10031 vom 2022-11-29",
"url": "https://linux.oracle.com/errata/ELSA-2022-10031.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8626 vom 2022-11-29",
"url": "https://access.redhat.com/errata/RHSA-2022:8626"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8781 vom 2022-12-08",
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202212-02 vom 2022-12-19",
"url": "https://security.gentoo.org/glsa/202212-02"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7398 vom 2023-01-18",
"url": "https://access.redhat.com/errata/RHSA-2022:7398"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1275 vom 2023-03-15",
"url": "https://access.redhat.com/errata/RHSA-2023:1275"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2193 vom 2023-05-09",
"url": "https://access.redhat.com/errata/RHSA-2023:2193"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2758 vom 2023-05-16",
"url": "https://access.redhat.com/errata/RHSA-2023:2758"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:2802 vom 2023-05-16",
"url": "https://access.redhat.com/errata/RHSA-2023:2802"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-2116 vom 2023-07-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2116.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2468 vom 2024-02-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2468.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2452 vom 2024-02-06",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2452.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASR4-2023-001 vom 2024-01-23",
"url": "https://alas.aws.amazon.com/AL2/ALASR4-2023-001.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2045 vom 2024-04-25",
"url": "https://access.redhat.com/errata/RHSA-2024:2045"
}
],
"source_lang": "en-US",
"title": "Red Hat Enterprise Linux: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-04-24T22:00:00.000+00:00",
"generator": {
"date": "2024-04-25T11:03:23.094+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2022-2044",
"initial_release_date": "2022-11-08T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-11-08T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2022-11-23T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-11-28T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2022-12-07T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-18T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2023-01-17T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-15T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-09T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-16T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-20T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-01-22T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-02-05T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-02-19T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-04-24T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "15"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "8",
"product": {
"name": "Red Hat Enterprise Linux 8",
"product_id": "T014111",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"category": "product_name",
"name": "Red Hat OpenShift",
"product": {
"name": "Red Hat OpenShift",
"product_id": "T008027",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4048",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2021-4048"
},
{
"cve": "CVE-2021-44269",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2021-44269"
},
{
"cve": "CVE-2022-1049",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-1049"
},
{
"cve": "CVE-2022-21682",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-21682"
},
{
"cve": "CVE-2022-22624",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-22624"
},
{
"cve": "CVE-2022-22628",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-22628"
},
{
"cve": "CVE-2022-22629",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-22629"
},
{
"cve": "CVE-2022-22662",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-22662"
},
{
"cve": "CVE-2022-25308",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-25308"
},
{
"cve": "CVE-2022-25309",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-25309"
},
{
"cve": "CVE-2022-25310",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-25310"
},
{
"cve": "CVE-2022-26700",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-26700"
},
{
"cve": "CVE-2022-26709",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-26709"
},
{
"cve": "CVE-2022-26710",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-26710"
},
{
"cve": "CVE-2022-26716",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-26716"
},
{
"cve": "CVE-2022-26717",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-26717"
},
{
"cve": "CVE-2022-26719",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-26719"
},
{
"cve": "CVE-2022-2989",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-2989"
},
{
"cve": "CVE-2022-2990",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-2990"
},
{
"cve": "CVE-2022-30293",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-30293"
},
{
"cve": "CVE-2022-30698",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-30698"
},
{
"cve": "CVE-2022-30699",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-30699"
},
{
"cve": "CVE-2022-32189",
"notes": [
{
"category": "description",
"text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T008027",
"67646",
"398363",
"T012167",
"T004914",
"T014111"
]
},
"release_date": "2022-11-08T23:00:00Z",
"title": "CVE-2022-32189"
}
]
}
wid-sec-w-2022-1056
Vulnerability from csaf_certbund
Published
2022-03-14 23:00
Modified
2023-06-21 22:00
Summary
Apple macOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff
Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, , um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, einen Spoofing-Angriff durchzuführen und beliebigen Code auszuführen.
Betroffene Betriebssysteme
- MacOS X
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, , um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1056 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1056.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1056 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1056"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-03-14",
"url": "https://support.apple.com/en-us/HT213183"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-03-14",
"url": "https://support.apple.com/en-us/HT213184"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-03-14",
"url": "https://support.apple.com/en-us/HT213185"
},
{
"category": "external",
"summary": "PoC von TrendMicro vom 2022-03-14",
"url": "https://www.trendmicro.com/en_us/research/22/d/macos-suhelper-root-privilege-escalation-vulnerability-a-deep-di.html"
}
],
"source_lang": "en-US",
"title": "Apple macOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-21T22:00:00.000+00:00",
"generator": {
"date": "2024-02-15T16:55:41.505+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2022-1056",
"initial_release_date": "2022-03-14T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-03-14T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-04-05T22:00:00.000+00:00",
"number": "2",
"summary": "Exploit aufgenommen"
},
{
"date": "2022-08-16T22:00:00.000+00:00",
"number": "3",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2023-06-21T22:00:00.000+00:00",
"number": "4",
"summary": "CVE erg\u00e4nzt"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Apple macOS Monterey \u003c 12.3",
"product": {
"name": "Apple macOS Monterey \u003c 12.3",
"product_id": "T022329",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:monterey__12.3"
}
}
},
{
"category": "product_name",
"name": "Apple macOS Big Sur \u003c 11.6.5",
"product": {
"name": "Apple macOS Big Sur \u003c 11.6.5",
"product_id": "T022330",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:big_sur__11.6.5"
}
}
},
{
"category": "product_name",
"name": "Apple macOS Catalina",
"product": {
"name": "Apple macOS Catalina",
"product_id": "T022331",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:catalina"
}
}
}
],
"category": "product_name",
"name": "macOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-46706",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-46706"
},
{
"cve": "CVE-2022-26690",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-26690"
},
{
"cve": "CVE-2022-26688",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-26688"
},
{
"cve": "CVE-2022-22672",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22672"
},
{
"cve": "CVE-2022-22669",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22669"
},
{
"cve": "CVE-2022-22668",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22668"
},
{
"cve": "CVE-2022-22665",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22665"
},
{
"cve": "CVE-2022-22664",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22664"
},
{
"cve": "CVE-2022-22662",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22662"
},
{
"cve": "CVE-2022-22661",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22661"
},
{
"cve": "CVE-2022-22660",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22660"
},
{
"cve": "CVE-2022-22657",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22657"
},
{
"cve": "CVE-2022-22656",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22656"
},
{
"cve": "CVE-2022-22655",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22655"
},
{
"cve": "CVE-2022-22651",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22651"
},
{
"cve": "CVE-2022-22650",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22650"
},
{
"cve": "CVE-2022-22648",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22648"
},
{
"cve": "CVE-2022-22647",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22647"
},
{
"cve": "CVE-2022-22644",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22644"
},
{
"cve": "CVE-2022-22643",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22643"
},
{
"cve": "CVE-2022-22641",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22641"
},
{
"cve": "CVE-2022-22640",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22640"
},
{
"cve": "CVE-2022-22639",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22639"
},
{
"cve": "CVE-2022-22638",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22638"
},
{
"cve": "CVE-2022-22637",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22637"
},
{
"cve": "CVE-2022-22633",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22633"
},
{
"cve": "CVE-2022-22632",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22632"
},
{
"cve": "CVE-2022-22631",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22631"
},
{
"cve": "CVE-2022-22630",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22630"
},
{
"cve": "CVE-2022-22629",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22629"
},
{
"cve": "CVE-2022-22628",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22628"
},
{
"cve": "CVE-2022-22627",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22627"
},
{
"cve": "CVE-2022-22626",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22626"
},
{
"cve": "CVE-2022-22625",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22625"
},
{
"cve": "CVE-2022-22624",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22624"
},
{
"cve": "CVE-2022-22623",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22623"
},
{
"cve": "CVE-2022-22621",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22621"
},
{
"cve": "CVE-2022-22617",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22617"
},
{
"cve": "CVE-2022-22616",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22616"
},
{
"cve": "CVE-2022-22615",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22615"
},
{
"cve": "CVE-2022-22614",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22614"
},
{
"cve": "CVE-2022-22613",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22613"
},
{
"cve": "CVE-2022-22612",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22612"
},
{
"cve": "CVE-2022-22611",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22611"
},
{
"cve": "CVE-2022-22610",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22610"
},
{
"cve": "CVE-2022-22609",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22609"
},
{
"cve": "CVE-2022-22600",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22600"
},
{
"cve": "CVE-2022-22599",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22599"
},
{
"cve": "CVE-2022-22597",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22597"
},
{
"cve": "CVE-2022-22582",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-22582"
},
{
"cve": "CVE-2022-0158",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-0158"
},
{
"cve": "CVE-2022-0156",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-0156"
},
{
"cve": "CVE-2022-0128",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2022-0128"
},
{
"cve": "CVE-2021-46059",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-46059"
},
{
"cve": "CVE-2021-4193",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-4193"
},
{
"cve": "CVE-2021-4192",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-4192"
},
{
"cve": "CVE-2021-4187",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-4187"
},
{
"cve": "CVE-2021-4173",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-4173"
},
{
"cve": "CVE-2021-4166",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2021-4136",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-4136"
},
{
"cve": "CVE-2021-36976",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-36976"
},
{
"cve": "CVE-2021-30918",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-30918"
},
{
"cve": "CVE-2021-22947",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-22947"
},
{
"cve": "CVE-2021-22946",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-22946"
},
{
"cve": "CVE-2021-22945",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Accelerate Framework, AMD, AppKit, AppleGraphicsControl, AppleScript, BOM, Curl, FaceTime, ImageIO, Intel Graphics Driver, IOGPUFamily, Kernel, libarchive, Login Window, GarageBand MIDI, NSSpellChecker, PackageKit, Preferences, QuickTime Player, Safari Downloads, Sandbox, Siri, SMB, SoftwareUpdate, System Preferences, UIKit, Vim, VoiceOver, WebKit, Wi-Fi und Xar. Ein entfernter anonymer, authentisierter, lokaler oder physischer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, einen Spoofing-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T022331"
]
},
"release_date": "2022-03-14T23:00:00Z",
"title": "CVE-2021-22945"
}
]
}
rhsa-2022_8054
Vulnerability from csaf_redhat
Published
2022-11-15 13:26
Modified
2024-09-16 07:56
Summary
Red Hat Security Advisory: webkit2gtk3 security and bug fix update
Notes
Topic
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.
Security Fix(es):
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)
* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)
* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)
* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)\n\n* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)\n\n* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)\n\n* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8054",
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index"
},
{
"category": "external",
"summary": "2061996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061996"
},
{
"category": "external",
"summary": "2073893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893"
},
{
"category": "external",
"summary": "2073896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896"
},
{
"category": "external",
"summary": "2073899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899"
},
{
"category": "external",
"summary": "2082548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548"
},
{
"category": "external",
"summary": "2092732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732"
},
{
"category": "external",
"summary": "2092733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733"
},
{
"category": "external",
"summary": "2092734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734"
},
{
"category": "external",
"summary": "2092735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735"
},
{
"category": "external",
"summary": "2092736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736"
},
{
"category": "external",
"summary": "2104787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787"
},
{
"category": "external",
"summary": "2104789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_8054.json"
}
],
"title": "Red Hat Security Advisory: webkit2gtk3 security and bug fix update",
"tracking": {
"current_release_date": "2024-09-16T07:56:21+00:00",
"generator": {
"date": "2024-09-16T07:56:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:8054",
"initial_release_date": "2022-11-15T13:26:22+00:00",
"revision_history": [
{
"date": "2022-11-15T13:26:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-15T13:26:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T07:56:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.src",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.src",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.src",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-22624",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073893"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22624"
},
{
"category": "external",
"summary": "RHBZ#2073893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22628",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073896"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22628"
},
{
"category": "external",
"summary": "RHBZ#2073896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22628"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22629",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073899"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow vulnerability was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Buffer overflow leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22629"
},
{
"category": "external",
"summary": "RHBZ#2073899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Buffer overflow leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22662",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2104787"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in WebKitGTK, where an issue occurs due to improper cookie management. This flaw allows a remote attacker to trick the victim into parsing maliciously crafted web content, triggering the vulnerability and gaining access to potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Cookie management issue leading to sensitive user information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22662"
},
{
"category": "external",
"summary": "RHBZ#2104787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22662"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0006.html",
"url": "https://webkitgtk.org/security/WSA-2022-0006.html"
}
],
"release_date": "2022-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Cookie management issue leading to sensitive user information disclosure"
},
{
"cve": "CVE-2022-26700",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092732"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. The vulnerability occurs due to improper input validation, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26700"
},
{
"category": "external",
"summary": "RHBZ#2092732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26700"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26709",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092733"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26709"
},
{
"category": "external",
"summary": "RHBZ#2092733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26709"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26710",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2104789"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in WebKitGTK. The flaw occurs when processing maliciously crafted HTML content in WebKit. This flaw allows a remote attacker to trick the victim into visiting a specially crafted website, triggering memory corruption and executing arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26710"
},
{
"category": "external",
"summary": "RHBZ#2104789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0006.html",
"url": "https://webkitgtk.org/security/WSA-2022-0006.html"
}
],
"release_date": "2022-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26716",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092734"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26716"
},
{
"category": "external",
"summary": "RHBZ#2092734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26717",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092735"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26717"
},
{
"category": "external",
"summary": "RHBZ#2092735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26719",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092736"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26719"
},
{
"category": "external",
"summary": "RHBZ#2092736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-30293",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-05-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2082548"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the execution of arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30293"
},
{
"category": "external",
"summary": "RHBZ#2082548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293"
}
],
"release_date": "2022-05-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution"
},
{
"cve": "CVE-2022-32792",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2238973"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkit. This issue occurs when processing maliciously crafted web content which may lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32792"
},
{
"category": "external",
"summary": "RHBZ#2238973",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238973"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32792",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32792"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792"
},
{
"category": "external",
"summary": "https://wpewebkit.org/security/WSA-2022-0007.html",
"url": "https://wpewebkit.org/security/WSA-2022-0007.html"
}
],
"release_date": "2022-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution"
},
{
"cve": "CVE-2022-32816",
"discovery_date": "2023-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2238975"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkit. This issue occurs when visiting a website that frames malicious content, which may lead to UI spoofing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: malicious content may lead to UI spoofing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32816"
},
{
"category": "external",
"summary": "RHBZ#2238975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816"
},
{
"category": "external",
"summary": "https://wpewebkit.org/security/WSA-2022-0007.html",
"url": "https://wpewebkit.org/security/WSA-2022-0007.html"
}
],
"release_date": "2022-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: malicious content may lead to UI spoofing"
},
{
"cve": "CVE-2022-32891",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2128647"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: UI spoofing while Visiting a website that frames malicious content",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32891"
},
{
"category": "external",
"summary": "RHBZ#2128647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32891"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0009.html",
"url": "https://webkitgtk.org/security/WSA-2022-0009.html"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8054"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.src",
"AppStream-9.1.0.GA:webkit2gtk3-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el9.x86_64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.aarch64",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.i686",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.ppc64le",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.s390x",
"AppStream-9.1.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: UI spoofing while Visiting a website that frames malicious content"
}
]
}
rhsa-2022_7704
Vulnerability from csaf_redhat
Published
2022-11-08 09:56
Modified
2024-09-16 07:56
Summary
Red Hat Security Advisory: webkit2gtk3 security and bug fix update
Notes
Topic
An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.
Security Fix(es):
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)
* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)
* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)
* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nGLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.\n\nSecurity Fix(es):\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)\n\n* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)\n\n* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)\n\n* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)\n\n* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)\n\n* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:7704",
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"category": "external",
"summary": "2061994",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061994"
},
{
"category": "external",
"summary": "2073893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893"
},
{
"category": "external",
"summary": "2073896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896"
},
{
"category": "external",
"summary": "2073899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899"
},
{
"category": "external",
"summary": "2082548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548"
},
{
"category": "external",
"summary": "2092732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732"
},
{
"category": "external",
"summary": "2092733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733"
},
{
"category": "external",
"summary": "2092734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734"
},
{
"category": "external",
"summary": "2092735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735"
},
{
"category": "external",
"summary": "2092736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736"
},
{
"category": "external",
"summary": "2099334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099334"
},
{
"category": "external",
"summary": "2104787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787"
},
{
"category": "external",
"summary": "2104789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_7704.json"
}
],
"title": "Red Hat Security Advisory: webkit2gtk3 security and bug fix update",
"tracking": {
"current_release_date": "2024-09-16T07:56:12+00:00",
"generator": {
"date": "2024-09-16T07:56:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:7704",
"initial_release_date": "2022-11-08T09:56:52+00:00",
"revision_history": [
{
"date": "2022-11-08T09:56:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-08T09:56:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T07:56:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product": {
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.src",
"product": {
"name": "glib2-0:2.56.4-159.el8.src",
"product_id": "glib2-0:2.56.4-159.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.src",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.src",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-devel-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-devel-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-fam-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-fam-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-tests-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-tests-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-debugsource-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-debugsource-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-debugsource-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "glib2-static-0:2.56.4-159.el8.aarch64",
"product": {
"name": "glib2-static-0:2.56.4-159.el8.aarch64",
"product_id": "glib2-static-0:2.56.4-159.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-devel-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-devel-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-fam-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-fam-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-tests-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-tests-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "glib2-static-0:2.56.4-159.el8.ppc64le",
"product": {
"name": "glib2-static-0:2.56.4-159.el8.ppc64le",
"product_id": "glib2-static-0:2.56.4-159.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-0:2.56.4-159.el8.i686",
"product_id": "glib2-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-devel-0:2.56.4-159.el8.i686",
"product_id": "glib2-devel-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-debugsource-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-debugsource-0:2.56.4-159.el8.i686",
"product_id": "glib2-debugsource-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-debuginfo-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.i686",
"product_id": "glib2-debuginfo-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "glib2-static-0:2.56.4-159.el8.i686",
"product": {
"name": "glib2-static-0:2.56.4-159.el8.i686",
"product_id": "glib2-static-0:2.56.4-159.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-devel-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-devel-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-fam-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-fam-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-tests-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-tests-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-debugsource-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-debugsource-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-debugsource-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "glib2-static-0:2.56.4-159.el8.x86_64",
"product": {
"name": "glib2-static-0:2.56.4-159.el8.x86_64",
"product_id": "glib2-static-0:2.56.4-159.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-0:2.56.4-159.el8.s390x",
"product_id": "glib2-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-devel-0:2.56.4-159.el8.s390x",
"product_id": "glib2-devel-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-fam-0:2.56.4-159.el8.s390x",
"product_id": "glib2-fam-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-tests-0:2.56.4-159.el8.s390x",
"product_id": "glib2-tests-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-debugsource-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-debugsource-0:2.56.4-159.el8.s390x",
"product_id": "glib2-debugsource-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debugsource@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-debuginfo-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.s390x",
"product_id": "glib2-debuginfo-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-debuginfo@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"product_id": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-devel-debuginfo@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"product_id": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-fam-debuginfo@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"product_id": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-tests-debuginfo@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "glib2-static-0:2.56.4-159.el8.s390x",
"product": {
"name": "glib2-static-0:2.56.4-159.el8.s390x",
"product_id": "glib2-static-0:2.56.4-159.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-static@2.56.4-159.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debugsource@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-debuginfo@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-devel-debuginfo@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-debuginfo@2.36.7-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product_id": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/webkit2gtk3-jsc-devel-debuginfo@2.36.7-1.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "glib2-doc-0:2.56.4-159.el8.noarch",
"product": {
"name": "glib2-doc-0:2.56.4-159.el8.noarch",
"product_id": "glib2-doc-0:2.56.4-159.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glib2-doc@2.56.4-159.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.src",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
},
"product_reference": "webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src"
},
"product_reference": "glib2-0:2.56.4-159.el8.src",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-doc-0:2.56.4-159.el8.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch"
},
"product_reference": "glib2-doc-0:2.56.4-159.el8.noarch",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "BaseOS-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.src as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src"
},
"product_reference": "glib2-0:2.56.4-159.el8.src",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-debugsource-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-debugsource-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-devel-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-doc-0:2.56.4-159.el8.noarch as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch"
},
"product_reference": "glib2-doc-0:2.56.4-159.el8.noarch",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-fam-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-static-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-static-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-tests-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"relates_to_product_reference": "CRB-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
},
"product_reference": "glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"relates_to_product_reference": "CRB-8.7.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-22624",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073893"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22624"
},
{
"category": "external",
"summary": "RHBZ#2073893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22624"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22628",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073896"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22628"
},
{
"category": "external",
"summary": "RHBZ#2073896",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073896"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22628"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22628"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22629",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-04-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073899"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow vulnerability was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Buffer overflow leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22629"
},
{
"category": "external",
"summary": "RHBZ#2073899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073899"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22629"
}
],
"release_date": "2022-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Buffer overflow leading to arbitrary code execution"
},
{
"cve": "CVE-2022-22662",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2104787"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in WebKitGTK, where an issue occurs due to improper cookie management. This flaw allows a remote attacker to trick the victim into parsing maliciously crafted web content, triggering the vulnerability and gaining access to potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Cookie management issue leading to sensitive user information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22662"
},
{
"category": "external",
"summary": "RHBZ#2104787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22662"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22662"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0006.html",
"url": "https://webkitgtk.org/security/WSA-2022-0006.html"
}
],
"release_date": "2022-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Cookie management issue leading to sensitive user information disclosure"
},
{
"cve": "CVE-2022-26700",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092732"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. The vulnerability occurs due to improper input validation, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26700"
},
{
"category": "external",
"summary": "RHBZ#2092732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26700"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26700"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26709",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092733"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26709"
},
{
"category": "external",
"summary": "RHBZ#2092733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092733"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26709"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26709"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26710",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2104789"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in WebKitGTK. The flaw occurs when processing maliciously crafted HTML content in WebKit. This flaw allows a remote attacker to trick the victim into visiting a specially crafted website, triggering memory corruption and executing arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 6, 7, 8, and 9 are affected because the code-base is affected by this vulnerability.\n\nSince Red Hat Enterprise Linux 6 and 7 are Out-of-Support-Scope for Low/Moderate flaws, the issue is not currently planned to be addressed in future updates for RHEL-6,7. Only Important and Critical severity flaws will be addressed at this time.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26710"
},
{
"category": "external",
"summary": "RHBZ#2104789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26710"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0006.html",
"url": "https://webkitgtk.org/security/WSA-2022-0006.html"
}
],
"release_date": "2022-07-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26716",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092734"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a memory corruption vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26716"
},
{
"category": "external",
"summary": "RHBZ#2092734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26716"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26717",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092735"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to a use-after-free vulnerability. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Use-after-free leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26717"
},
{
"category": "external",
"summary": "RHBZ#2092735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092735"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26717"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Use-after-free leading to arbitrary code execution"
},
{
"cve": "CVE-2022-26719",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092736"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in webkitgtk. Due to improper input validation, the issue occurs, leading to memory corruption. This flaw allows an attacker with network access to pass specially crafted web content files, causing an application to halt, crash, or arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Memory corruption issue leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26719"
},
{
"category": "external",
"summary": "RHBZ#2092736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092736"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26719"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0005.html",
"url": "https://webkitgtk.org/security/WSA-2022-0005.html"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Memory corruption issue leading to arbitrary code execution"
},
{
"cve": "CVE-2022-30293",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-05-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2082548"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow vulnerability was found in WebKitGTK. The vulnerability occurs when processing or rendering HTML content in WebKit. This flaw allows a remote attacker to trick the victim into opening a specially crafted web page, triggering a heap buffer overflow error and leading to the execution of arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"known_not_affected": [
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30293"
},
{
"category": "external",
"summary": "RHBZ#2082548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082548"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30293"
}
],
"release_date": "2022-05-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution"
},
{
"cve": "CVE-2022-32792",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2238973"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkit. This issue occurs when processing maliciously crafted web content which may lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32792"
},
{
"category": "external",
"summary": "RHBZ#2238973",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238973"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32792",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32792"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32792"
},
{
"category": "external",
"summary": "https://wpewebkit.org/security/WSA-2022-0007.html",
"url": "https://wpewebkit.org/security/WSA-2022-0007.html"
}
],
"release_date": "2022-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution"
},
{
"cve": "CVE-2022-32816",
"discovery_date": "2023-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2238975"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkit. This issue occurs when visiting a website that frames malicious content, which may lead to UI spoofing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: malicious content may lead to UI spoofing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is being rated as \u0027Moderate\u0027 as WebKitGTK package is shipped as a dependency for Gnome package, additionally Red Hat Enterprise Linux doesn\u0027t ship any WebKitGTK based web browser where this flaw would present a higher severity major threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32816"
},
{
"category": "external",
"summary": "RHBZ#2238975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32816"
},
{
"category": "external",
"summary": "https://wpewebkit.org/security/WSA-2022-0007.html",
"url": "https://wpewebkit.org/security/WSA-2022-0007.html"
}
],
"release_date": "2022-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: malicious content may lead to UI spoofing"
},
{
"cve": "CVE-2022-32891",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2128647"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in webkitgtk, where an issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webkitgtk: UI spoofing while Visiting a website that frames malicious content",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32891"
},
{
"category": "external",
"summary": "RHBZ#2128647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32891"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32891"
},
{
"category": "external",
"summary": "https://webkitgtk.org/security/WSA-2022-0009.html",
"url": "https://webkitgtk.org/security/WSA-2022-0009.html"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7704"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.src",
"AppStream-8.7.0.GA:webkit2gtk3-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-debugsource-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-debuginfo-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-0:2.36.7-1.el8.x86_64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.aarch64",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.i686",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.ppc64le",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.s390x",
"AppStream-8.7.0.GA:webkit2gtk3-jsc-devel-debuginfo-0:2.36.7-1.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"BaseOS-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"BaseOS-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.src",
"CRB-8.7.0.GA:glib2-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-debugsource-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-devel-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-doc-0:2.56.4-159.el8.noarch",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-fam-debuginfo-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-static-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-0:2.56.4-159.el8.x86_64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.aarch64",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.i686",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.ppc64le",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.s390x",
"CRB-8.7.0.GA:glib2-tests-debuginfo-0:2.56.4-159.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webkitgtk: UI spoofing while Visiting a website that frames malicious content"
}
]
}
gsd-2022-22624
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-22624",
"description": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.",
"id": "GSD-2022-22624",
"references": [
"https://www.debian.org/security/2022/dsa-5115",
"https://www.debian.org/security/2022/dsa-5116",
"https://advisories.mageia.org/CVE-2022-22624.html",
"https://www.suse.com/security/cve/CVE-2022-22624.html",
"https://ubuntu.com/security/CVE-2022-22624",
"https://security.archlinux.org/CVE-2022-22624",
"https://access.redhat.com/errata/RHSA-2022:7704",
"https://access.redhat.com/errata/RHSA-2022:8054"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-22624"
],
"details": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.",
"id": "GSD-2022-22624",
"modified": "2023-12-13T01:19:28.838775Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2022-22624",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.4"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.4"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.3"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.4"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT213182",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213182"
},
{
"name": "https://support.apple.com/en-us/HT213183",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213183"
},
{
"name": "https://support.apple.com/en-us/HT213186",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213186"
},
{
"name": "https://support.apple.com/en-us/HT213187",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213187"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.3",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2022-22624"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT213186",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213186"
},
{
"name": "https://support.apple.com/en-us/HT213187",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213187"
},
{
"name": "https://support.apple.com/en-us/HT213182",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213182"
},
{
"name": "https://support.apple.com/en-us/HT213183",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/en-us/HT213183"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-09-28T12:03Z",
"publishedDate": "2022-09-23T19:15Z"
}
}
}
var-202203-0111
Vulnerability from variot
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2022-03-14-2 watchOS 8.5
watchOS 8.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213193.
Accelerate Framework Available for: Apple Watch Series 3 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2022-22633: an anonymous researcher
AppleAVD Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory corruption issue was addressed with improved validation. CVE-2022-22666: Marc Schoenefeld, Dr. rer. nat. CVE-2022-22611: Xingyu Jin of Google
ImageIO Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2022-22612: Xingyu Jin of Google
Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-22596: an anonymous researcher CVE-2022-22640: sqrtpwn
Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22613: Alex, an anonymous researcher
Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-22614: an anonymous researcher CVE-2022-22615: an anonymous researcher
Kernel Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved state management. CVE-2022-22632: Keegan Saunders
Kernel Available for: Apple Watch Series 3 and later Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A null pointer dereference was addressed with improved validation. CVE-2022-22638: derrek (@derrekr6)
libarchive Available for: Apple Watch Series 3 and later Impact: Multiple issues in libarchive Description: Multiple memory corruption issues existed in libarchive. CVE-2021-36976
MediaRemote Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to identify what other applications a user has installed Description: An access issue was addressed with improved access restrictions. CVE-2022-22670: Brandon Azad
Phone Available for: Apple Watch Series 3 and later Impact: A user may be able to bypass the Emergency SOS passcode prompt Description: This issue was addressed with improved checks. CVE-2022-22618: Yicong Ding (@AntonioDing)
Preferences Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to read other applications' settings Description: The issue was addressed with additional permissions checks. CVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)
Safari Available for: Apple Watch Series 3 and later Impact: Visiting a malicious website may lead to address bar spoofing Description: A user interface issue was addressed. CVE-2022-22654: Abdullah Md Shaleh of take0ver
Sandbox Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to bypass certain Privacy preferences Description: The issue was addressed with improved permissions logic. CVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited, Khiem Tran
Siri Available for: Apple Watch Series 3 and later Impact: A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen Description: A permissions issue was addressed with improved validation. CVE-2022-22599: Andrew Goldberg of the University of Texas at Austin, McCombs School of Business (linkedin.com/andrew-goldberg/)
UIKit Available for: Apple Watch Series 3 and later Impact: A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions Description: This issue was addressed with improved checks. CVE-2022-22621: Joey Hewitt
WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cookie management issue was addressed with improved state management. WebKit Bugzilla: 232748 CVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix
WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 232812 CVE-2022-22610: Quan Yin of Bigo Technology Live Client Team
WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla 233172 CVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab WebKit Bugzilla: 234147 CVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab
WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. WebKit Bugzilla: 234966 CVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro Zero Day Initiative
WebKit Available for: Apple Watch Series 3 and later Impact: A malicious website may cause unexpected cross-origin behavior Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 235294 CVE-2022-22637: Tom McKee of Google
Additional recognition
AirDrop We would like to acknowledge Omar Espino (omespino.com), Ron Masas of BreakPoint.sh for their assistance.
Bluetooth We would like to acknowledge an anonymous researcher for their assistance.
Face Gallery We would like to acknowledge Tian Zhang (@KhaosT) for their assistance.
Safari We would like to acknowledge Konstantin Darutkin of FingerprintJS (fingerprintjs.com) for their assistance.
Shortcuts We would like to acknowledge Baibhav Anand Jha of Streamers Land for their assistance.
Siri We would like to acknowledge an anonymous researcher for their assistance.
syslog We would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for their assistance.
UIKit We would like to acknowledge Tim Shadel of Day Logger, Inc. for their assistance.
Wallet We would like to acknowledge an anonymous researcher for their assistance.
WebKit We would like to acknowledge Abdullah Md Shaleh for their assistance.
WebKit Storage We would like to acknowledge Martin Bajanik of FingerprintJS for their assistance.
Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmIv0XwACgkQeC9qKD1p rhg7xg/+OVmgvQa8AfIpDqKoFyJQxRWv5eurCr0FWdtmUFmaqSZx1/gIGApxEIX9 Y2b9tEvhejRuUOkX4vpJcYvDsad6NvColSho5it16Hj3aRU3R4VseRmsVbaTwoap MQWRT+EHtB1zWOz9kGTFN6xScPVpnc18IrACQqO5SYB/ovvA6iNlee5OoQtWANd9 0Wm9/MHwVUng2MXmjeDNZ5C8cHt41W4/8brZFBqoThDeaGb+dx/KLNzlzIpN7ttC eCD2xXo6F+Q5uKUuwZHVm2g+PyV6CmeBtZYHGzGGo18fLLreBq7oUBf+KNzRxdTG x517r3SfjnwScVO/NJXa33fWHOrlNWvNwOHPsp1JgX1B/YVGSoJDIWxu3kAdOQ6b Z5ts7CIV8MOchvYG64UVO/Lt4e2/ABlkxF5vRD0k2KRIOWQh7mvTy0b4Reu2sbGF t088QoinhRgWU+JXYSUZ4Nex5lelcF9F2SlOh2CS+VmvfzatV0NiTTPTknP+2/pZ sLPO3oEmoqYczdviEtAZ3ghSrPWqqx1W2xBvnCTlteIZiIprgU/ZOcLaQiaHZ5c5 GKyxZCgguW40SzjrcdnbN9KSk+Pwta5oiKhzA43M+fl25jIic1rTvQIc91uL6/7O 9BSRyu2ZW0bfZEkgjPQF2ui4IBfZ81ayEsmh/e41JCbXnGvNFtY=K1Lq -----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-39
https://security.gentoo.org/
Severity: High Title: WebKitGTK+: Multiple Vulnerabilities Date: August 31, 2022 Bugs: #866494, #864427, #856445, #861740, #837305, #845252, #839984, #833568, #832990 ID: 202208-39
Synopsis
Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.36.7 >= 2.36.7
Description
Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.36.7"
References
[ 1 ] CVE-2022-2294 https://nvd.nist.gov/vuln/detail/CVE-2022-2294 [ 2 ] CVE-2022-22589 https://nvd.nist.gov/vuln/detail/CVE-2022-22589 [ 3 ] CVE-2022-22590 https://nvd.nist.gov/vuln/detail/CVE-2022-22590 [ 4 ] CVE-2022-22592 https://nvd.nist.gov/vuln/detail/CVE-2022-22592 [ 5 ] CVE-2022-22620 https://nvd.nist.gov/vuln/detail/CVE-2022-22620 [ 6 ] CVE-2022-22624 https://nvd.nist.gov/vuln/detail/CVE-2022-22624 [ 7 ] CVE-2022-22628 https://nvd.nist.gov/vuln/detail/CVE-2022-22628 [ 8 ] CVE-2022-22629 https://nvd.nist.gov/vuln/detail/CVE-2022-22629 [ 9 ] CVE-2022-22662 https://nvd.nist.gov/vuln/detail/CVE-2022-22662 [ 10 ] CVE-2022-22677 https://nvd.nist.gov/vuln/detail/CVE-2022-22677 [ 11 ] CVE-2022-26700 https://nvd.nist.gov/vuln/detail/CVE-2022-26700 [ 12 ] CVE-2022-26709 https://nvd.nist.gov/vuln/detail/CVE-2022-26709 [ 13 ] CVE-2022-26710 https://nvd.nist.gov/vuln/detail/CVE-2022-26710 [ 14 ] CVE-2022-26716 https://nvd.nist.gov/vuln/detail/CVE-2022-26716 [ 15 ] CVE-2022-26717 https://nvd.nist.gov/vuln/detail/CVE-2022-26717 [ 16 ] CVE-2022-26719 https://nvd.nist.gov/vuln/detail/CVE-2022-26719 [ 17 ] CVE-2022-30293 https://nvd.nist.gov/vuln/detail/CVE-2022-30293 [ 18 ] CVE-2022-30294 https://nvd.nist.gov/vuln/detail/CVE-2022-30294 [ 19 ] CVE-2022-32784 https://nvd.nist.gov/vuln/detail/CVE-2022-32784 [ 20 ] CVE-2022-32792 https://nvd.nist.gov/vuln/detail/CVE-2022-32792 [ 21 ] CVE-2022-32893 https://nvd.nist.gov/vuln/detail/CVE-2022-32893 [ 22 ] WSA-2022-0002 https://webkitgtk.org/security/WSA-2022-0002.html [ 23 ] WSA-2022-0003 https://webkitgtk.org/security/WSA-2022-0003.html [ 24 ] WSA-2022-0007 https://webkitgtk.org/security/WSA-2022-0007.html [ 25 ] WSA-2022-0008 https://webkitgtk.org/security/WSA-2022-0008.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-39
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us.
License
Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: webkit2gtk3 security and bug fix update Advisory ID: RHSA-2022:7704-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:7704 Issue date: 2022-11-08 CVE Names: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629 CVE-2022-22662 CVE-2022-26700 CVE-2022-26709 CVE-2022-26710 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-30293 ==================================================================== 1. Summary:
An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
- Description:
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source: webkit2gtk3-2.36.7-1.el8.src.rpm
aarch64: webkit2gtk3-2.36.7-1.el8.aarch64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-debugsource-2.36.7-1.el8.aarch64.rpm webkit2gtk3-devel-2.36.7-1.el8.aarch64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.aarch64.rpm
ppc64le: webkit2gtk3-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-debugsource-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-devel-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm
s390x: webkit2gtk3-2.36.7-1.el8.s390x.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-debugsource-2.36.7-1.el8.s390x.rpm webkit2gtk3-devel-2.36.7-1.el8.s390x.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.s390x.rpm
x86_64: webkit2gtk3-2.36.7-1.el8.i686.rpm webkit2gtk3-2.36.7-1.el8.x86_64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-debugsource-2.36.7-1.el8.i686.rpm webkit2gtk3-debugsource-2.36.7-1.el8.x86_64.rpm webkit2gtk3-devel-2.36.7-1.el8.i686.rpm webkit2gtk3-devel-2.36.7-1.el8.x86_64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source: glib2-2.56.4-159.el8.src.rpm
aarch64: glib2-2.56.4-159.el8.aarch64.rpm glib2-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-debugsource-2.56.4-159.el8.aarch64.rpm glib2-devel-2.56.4-159.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-fam-2.56.4-159.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-tests-2.56.4-159.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm
ppc64le: glib2-2.56.4-159.el8.ppc64le.rpm glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-debugsource-2.56.4-159.el8.ppc64le.rpm glib2-devel-2.56.4-159.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-fam-2.56.4-159.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-tests-2.56.4-159.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm
s390x: glib2-2.56.4-159.el8.s390x.rpm glib2-debuginfo-2.56.4-159.el8.s390x.rpm glib2-debugsource-2.56.4-159.el8.s390x.rpm glib2-devel-2.56.4-159.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm glib2-fam-2.56.4-159.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm glib2-tests-2.56.4-159.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm
x86_64: glib2-2.56.4-159.el8.i686.rpm glib2-2.56.4-159.el8.x86_64.rpm glib2-debuginfo-2.56.4-159.el8.i686.rpm glib2-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-debugsource-2.56.4-159.el8.i686.rpm glib2-debugsource-2.56.4-159.el8.x86_64.rpm glib2-devel-2.56.4-159.el8.i686.rpm glib2-devel-2.56.4-159.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-fam-2.56.4-159.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-tests-2.56.4-159.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64: glib2-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-debugsource-2.56.4-159.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-static-2.56.4-159.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm
noarch: glib2-doc-2.56.4-159.el8.noarch.rpm
ppc64le: glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-debugsource-2.56.4-159.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-static-2.56.4-159.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm
s390x: glib2-debuginfo-2.56.4-159.el8.s390x.rpm glib2-debugsource-2.56.4-159.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm glib2-static-2.56.4-159.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm
x86_64: glib2-debuginfo-2.56.4-159.el8.i686.rpm glib2-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-debugsource-2.56.4-159.el8.i686.rpm glib2-debugsource-2.56.4-159.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-static-2.56.4-159.el8.i686.rpm glib2-static-2.56.4-159.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2022-22624 https://access.redhat.com/security/cve/CVE-2022-22628 https://access.redhat.com/security/cve/CVE-2022-22629 https://access.redhat.com/security/cve/CVE-2022-22662 https://access.redhat.com/security/cve/CVE-2022-26700 https://access.redhat.com/security/cve/CVE-2022-26709 https://access.redhat.com/security/cve/CVE-2022-26710 https://access.redhat.com/security/cve/CVE-2022-26716 https://access.redhat.com/security/cve/CVE-2022-26717 https://access.redhat.com/security/cve/CVE-2022-26719 https://access.redhat.com/security/cve/CVE-2022-30293 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. Bugs fixed (https://bugzilla.redhat.com/):
2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects 2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays
- Description:
Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.
For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.
Security fixes:
- CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
Bugs addressed:
- Build Submariner 0.13.3 (ACM-2226)
- Verify Submariner with OCP 4.12 (ACM-2435)
-
Submariner does not support cluster "kube-proxy ipvs mode" (ACM-2821)
-
Bugs fixed (https://bugzilla.redhat.com/):
2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
- JIRA issues fixed (https://issues.jboss.org/):
ACM-2226 - [ACM 2.6.4] Build Submariner 0.13.3 ACM-2435 - [ACM 2.6.4] Verify Submariner with OCP 4.12 ACM-2821 - [Submariner] - 0.13.3 - Submariner does not support cluster "kube-proxy ipvs mode"
- Description:
Version 1.27.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, 4.11 and 4.12.
This release includes security and bug fixes, and enhancements. * golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715) * golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664) * golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880) * golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)
For more details about the security issues, including the impact; a CVSS score; acknowledgments; and other related information refer to the CVE pages linked in the References section. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps 2154755 - Release of OpenShift Serverless Eventing 1.27.0 2154757 - Release of OpenShift Serverless Serving 1.27.0
- Description:
Service Binding manages the data plane for applications and backing services. Bugs fixed (https://bugzilla.redhat.com/):
2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
- Summary:
The Migration Toolkit for Containers (MTC) 1.7.6 is now available. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
-
golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)
-
golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)
-
golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)
-
golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)
-
golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)
-
golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)
-
golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)
-
golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)
-
golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):
2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add 2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob 2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header 2107376 - CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions 2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working 2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob 2107388 - CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode 2107390 - CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip 2107392 - CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal 2132957 - Migration fails at UnQuiesceDestApplications step in OCP 4.12 2137304 - Location for host cluster is missing in the UI 2140208 - When editing a MigHook in the UI, the page may fail to reload 2143628 - Unable to create Storage Class Conversion plan due to missing cronjob error in OCP 4.12 2143872 - Namespaces page in web console stuck in loading phase 2149920 - Migration fails at prebackupHooks step
- JIRA issues fixed (https://issues.jboss.org/):
MIG-1240 - Implement proposed changes for DVM support with PSAs in 4.12
6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-0111",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.4"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.4"
},
{
"model": "ipad os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "15.4"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.3"
},
{
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "12.0"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22624"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.3",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22624"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "169760"
},
{
"db": "PACKETSTORM",
"id": "170179"
},
{
"db": "PACKETSTORM",
"id": "171026"
},
{
"db": "PACKETSTORM",
"id": "170956"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "170243"
}
],
"trust": 0.6
},
"cve": "CVE-2022-22624",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-22624",
"trust": 1.0,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22624"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2022-03-14-2 watchOS 8.5\n\nwatchOS 8.5 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT213193. \n\nAccelerate Framework\nAvailable for: Apple Watch Series 3 and later\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2022-22633: an anonymous researcher\n\nAppleAVD\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing a maliciously crafted image may lead to heap\ncorruption\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-22666: Marc Schoenefeld, Dr. rer. nat. \nCVE-2022-22611: Xingyu Jin of Google\n\nImageIO\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing a maliciously crafted image may lead to heap\ncorruption\nDescription: A memory consumption issue was addressed with improved\nmemory handling. \nCVE-2022-22612: Xingyu Jin of Google\n\nKernel\nAvailable for: Apple Watch Series 3 and later\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-22596: an anonymous researcher\nCVE-2022-22640: sqrtpwn\n\nKernel\nAvailable for: Apple Watch Series 3 and later\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-22613: Alex, an anonymous researcher\n\nKernel\nAvailable for: Apple Watch Series 3 and later\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-22614: an anonymous researcher\nCVE-2022-22615: an anonymous researcher\n\nKernel\nAvailable for: Apple Watch Series 3 and later\nImpact: A malicious application may be able to elevate privileges\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2022-22632: Keegan Saunders\n\nKernel\nAvailable for: Apple Watch Series 3 and later\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A null pointer dereference was addressed with improved\nvalidation. \nCVE-2022-22638: derrek (@derrekr6)\n\nlibarchive\nAvailable for: Apple Watch Series 3 and later\nImpact: Multiple issues in libarchive\nDescription: Multiple memory corruption issues existed in libarchive. \nCVE-2021-36976\n\nMediaRemote\nAvailable for: Apple Watch Series 3 and later\nImpact: A malicious application may be able to identify what other\napplications a user has installed\nDescription: An access issue was addressed with improved access\nrestrictions. \nCVE-2022-22670: Brandon Azad\n\nPhone\nAvailable for: Apple Watch Series 3 and later\nImpact: A user may be able to bypass the Emergency SOS passcode\nprompt\nDescription: This issue was addressed with improved checks. \nCVE-2022-22618: Yicong Ding (@AntonioDing)\n\nPreferences\nAvailable for: Apple Watch Series 3 and later\nImpact: A malicious application may be able to read other\napplications\u0027 settings\nDescription: The issue was addressed with additional permissions\nchecks. \nCVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)\nof Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nSafari\nAvailable for: Apple Watch Series 3 and later\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: A user interface issue was addressed. \nCVE-2022-22654: Abdullah Md Shaleh of take0ver\n\nSandbox\nAvailable for: Apple Watch Series 3 and later\nImpact: A malicious application may be able to bypass certain Privacy\npreferences\nDescription: The issue was addressed with improved permissions logic. \nCVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited,\nKhiem Tran\n\nSiri\nAvailable for: Apple Watch Series 3 and later\nImpact: A person with physical access to a device may be able to use\nSiri to obtain some location information from the lock screen\nDescription: A permissions issue was addressed with improved\nvalidation. \nCVE-2022-22599: Andrew Goldberg of the University of Texas at Austin,\nMcCombs School of Business (linkedin.com/andrew-goldberg/)\n\nUIKit\nAvailable for: Apple Watch Series 3 and later\nImpact: A person with physical access to an iOS device may be able to\nsee sensitive information via keyboard suggestions\nDescription: This issue was addressed with improved checks. \nCVE-2022-22621: Joey Hewitt\n\nWebKit\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing maliciously crafted web content may disclose\nsensitive user information\nDescription: A cookie management issue was addressed with improved\nstate management. \nWebKit Bugzilla: 232748\nCVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix\n\nWebKit\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing maliciously crafted web content may lead to code\nexecution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nWebKit Bugzilla: 232812\nCVE-2022-22610: Quan Yin of Bigo Technology Live Client Team\n\nWebKit\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nWebKit Bugzilla 233172\nCVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab\nWebKit Bugzilla: 234147\nCVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab\n\nWebKit\nAvailable for: Apple Watch Series 3 and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nWebKit Bugzilla: 234966\nCVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro\nZero Day Initiative\n\nWebKit\nAvailable for: Apple Watch Series 3 and later\nImpact: A malicious website may cause unexpected cross-origin\nbehavior\nDescription: A logic issue was addressed with improved state\nmanagement. \nWebKit Bugzilla: 235294\nCVE-2022-22637: Tom McKee of Google\n\nAdditional recognition\n\nAirDrop\nWe would like to acknowledge Omar Espino (omespino.com), Ron Masas of\nBreakPoint.sh for their assistance. \n\nBluetooth\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nFace Gallery\nWe would like to acknowledge Tian Zhang (@KhaosT) for their\nassistance. \n\nSafari\nWe would like to acknowledge Konstantin Darutkin of FingerprintJS\n(fingerprintjs.com) for their assistance. \n\nShortcuts\nWe would like to acknowledge Baibhav Anand Jha of Streamers Land for\ntheir assistance. \n\nSiri\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nsyslog\nWe would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for\ntheir assistance. \n\nUIKit\nWe would like to acknowledge Tim Shadel of Day Logger, Inc. for their\nassistance. \n\nWallet\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nWebKit\nWe would like to acknowledge Abdullah Md Shaleh for their assistance. \n\nWebKit Storage\nWe would like to acknowledge Martin Bajanik of FingerprintJS for\ntheir assistance. \n\nInstructions on how to update your Apple Watch software are available\nat https://support.apple.com/kb/HT204641 To check the version on\nyour Apple Watch, open the Apple Watch app on your iPhone and select\n\"My Watch \u003e General \u003e About\". Alternatively, on your watch, select\n\"My Watch \u003e General \u003e About\". \nAll information is also posted on the Apple Security Updates\nweb site: https://support.apple.com/en-us/HT201222. \n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmIv0XwACgkQeC9qKD1p\nrhg7xg/+OVmgvQa8AfIpDqKoFyJQxRWv5eurCr0FWdtmUFmaqSZx1/gIGApxEIX9\nY2b9tEvhejRuUOkX4vpJcYvDsad6NvColSho5it16Hj3aRU3R4VseRmsVbaTwoap\nMQWRT+EHtB1zWOz9kGTFN6xScPVpnc18IrACQqO5SYB/ovvA6iNlee5OoQtWANd9\n0Wm9/MHwVUng2MXmjeDNZ5C8cHt41W4/8brZFBqoThDeaGb+dx/KLNzlzIpN7ttC\neCD2xXo6F+Q5uKUuwZHVm2g+PyV6CmeBtZYHGzGGo18fLLreBq7oUBf+KNzRxdTG\nx517r3SfjnwScVO/NJXa33fWHOrlNWvNwOHPsp1JgX1B/YVGSoJDIWxu3kAdOQ6b\nZ5ts7CIV8MOchvYG64UVO/Lt4e2/ABlkxF5vRD0k2KRIOWQh7mvTy0b4Reu2sbGF\nt088QoinhRgWU+JXYSUZ4Nex5lelcF9F2SlOh2CS+VmvfzatV0NiTTPTknP+2/pZ\nsLPO3oEmoqYczdviEtAZ3ghSrPWqqx1W2xBvnCTlteIZiIprgU/ZOcLaQiaHZ5c5\nGKyxZCgguW40SzjrcdnbN9KSk+Pwta5oiKhzA43M+fl25jIic1rTvQIc91uL6/7O\n9BSRyu2ZW0bfZEkgjPQF2ui4IBfZ81ayEsmh/e41JCbXnGvNFtY=K1Lq\n-----END PGP SIGNATURE-----\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202208-39\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: WebKitGTK+: Multiple Vulnerabilities\n Date: August 31, 2022\n Bugs: #866494, #864427, #856445, #861740, #837305, #845252, #839984, #833568, #832990\n ID: 202208-39\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been found in WebkitGTK+, the worst of\nwhich could result in the arbitrary execution of code. \n\nAffected packages\n================\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-libs/webkit-gtk \u003c 2.36.7 \u003e= 2.36.7\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in WebKitGTK+. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll WebKitGTK+ users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-libs/webkit-gtk-2.36.7\"\n\nReferences\n=========\n[ 1 ] CVE-2022-2294\n https://nvd.nist.gov/vuln/detail/CVE-2022-2294\n[ 2 ] CVE-2022-22589\n https://nvd.nist.gov/vuln/detail/CVE-2022-22589\n[ 3 ] CVE-2022-22590\n https://nvd.nist.gov/vuln/detail/CVE-2022-22590\n[ 4 ] CVE-2022-22592\n https://nvd.nist.gov/vuln/detail/CVE-2022-22592\n[ 5 ] CVE-2022-22620\n https://nvd.nist.gov/vuln/detail/CVE-2022-22620\n[ 6 ] CVE-2022-22624\n https://nvd.nist.gov/vuln/detail/CVE-2022-22624\n[ 7 ] CVE-2022-22628\n https://nvd.nist.gov/vuln/detail/CVE-2022-22628\n[ 8 ] CVE-2022-22629\n https://nvd.nist.gov/vuln/detail/CVE-2022-22629\n[ 9 ] CVE-2022-22662\n https://nvd.nist.gov/vuln/detail/CVE-2022-22662\n[ 10 ] CVE-2022-22677\n https://nvd.nist.gov/vuln/detail/CVE-2022-22677\n[ 11 ] CVE-2022-26700\n https://nvd.nist.gov/vuln/detail/CVE-2022-26700\n[ 12 ] CVE-2022-26709\n https://nvd.nist.gov/vuln/detail/CVE-2022-26709\n[ 13 ] CVE-2022-26710\n https://nvd.nist.gov/vuln/detail/CVE-2022-26710\n[ 14 ] CVE-2022-26716\n https://nvd.nist.gov/vuln/detail/CVE-2022-26716\n[ 15 ] CVE-2022-26717\n https://nvd.nist.gov/vuln/detail/CVE-2022-26717\n[ 16 ] CVE-2022-26719\n https://nvd.nist.gov/vuln/detail/CVE-2022-26719\n[ 17 ] CVE-2022-30293\n https://nvd.nist.gov/vuln/detail/CVE-2022-30293\n[ 18 ] CVE-2022-30294\n https://nvd.nist.gov/vuln/detail/CVE-2022-30294\n[ 19 ] CVE-2022-32784\n https://nvd.nist.gov/vuln/detail/CVE-2022-32784\n[ 20 ] CVE-2022-32792\n https://nvd.nist.gov/vuln/detail/CVE-2022-32792\n[ 21 ] CVE-2022-32893\n https://nvd.nist.gov/vuln/detail/CVE-2022-32893\n[ 22 ] WSA-2022-0002\n https://webkitgtk.org/security/WSA-2022-0002.html\n[ 23 ] WSA-2022-0003\n https://webkitgtk.org/security/WSA-2022-0003.html\n[ 24 ] WSA-2022-0007\n https://webkitgtk.org/security/WSA-2022-0007.html\n[ 25 ] WSA-2022-0008\n https://webkitgtk.org/security/WSA-2022-0008.html\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202208-39\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. \n\nLicense\n======\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: webkit2gtk3 security and bug fix update\nAdvisory ID: RHSA-2022:7704-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:7704\nIssue date: 2022-11-08\nCVE Names: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629\n CVE-2022-22662 CVE-2022-26700 CVE-2022-26709\n CVE-2022-26710 CVE-2022-26716 CVE-2022-26717\n CVE-2022-26719 CVE-2022-30293\n====================================================================\n1. Summary:\n\nAn update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise\nLinux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nWebKitGTK is the port of the portable web rendering engine WebKit to the\nGTK platform. \n\nGLib provides the core application building blocks for libraries and\napplications written in C. It provides the core object system used in\nGNOME, the main loop implementation, and a large set of utility functions\nfor strings and common data structures. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.7 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 8):\n\nSource:\nwebkit2gtk3-2.36.7-1.el8.src.rpm\n\naarch64:\nwebkit2gtk3-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-debuginfo-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-debugsource-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-devel-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-devel-debuginfo-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-jsc-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-jsc-debuginfo-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-jsc-devel-2.36.7-1.el8.aarch64.rpm\nwebkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.aarch64.rpm\n\nppc64le:\nwebkit2gtk3-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-debuginfo-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-debugsource-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-devel-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-jsc-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-jsc-debuginfo-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-jsc-devel-2.36.7-1.el8.ppc64le.rpm\nwebkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm\n\ns390x:\nwebkit2gtk3-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-debuginfo-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-debugsource-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-devel-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-devel-debuginfo-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-jsc-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-jsc-debuginfo-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-jsc-devel-2.36.7-1.el8.s390x.rpm\nwebkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.s390x.rpm\n\nx86_64:\nwebkit2gtk3-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-debuginfo-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-debuginfo-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-debugsource-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-debugsource-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-devel-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-devel-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-devel-debuginfo-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-devel-debuginfo-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-jsc-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-jsc-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-jsc-debuginfo-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-jsc-debuginfo-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-jsc-devel-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-jsc-devel-2.36.7-1.el8.x86_64.rpm\nwebkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.i686.rpm\nwebkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.x86_64.rpm\n\nRed Hat Enterprise Linux BaseOS (v. 8):\n\nSource:\nglib2-2.56.4-159.el8.src.rpm\n\naarch64:\nglib2-2.56.4-159.el8.aarch64.rpm\nglib2-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-debugsource-2.56.4-159.el8.aarch64.rpm\nglib2-devel-2.56.4-159.el8.aarch64.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-fam-2.56.4-159.el8.aarch64.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-tests-2.56.4-159.el8.aarch64.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm\n\nppc64le:\nglib2-2.56.4-159.el8.ppc64le.rpm\nglib2-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-debugsource-2.56.4-159.el8.ppc64le.rpm\nglib2-devel-2.56.4-159.el8.ppc64le.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-fam-2.56.4-159.el8.ppc64le.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-tests-2.56.4-159.el8.ppc64le.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm\n\ns390x:\nglib2-2.56.4-159.el8.s390x.rpm\nglib2-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-debugsource-2.56.4-159.el8.s390x.rpm\nglib2-devel-2.56.4-159.el8.s390x.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-fam-2.56.4-159.el8.s390x.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-tests-2.56.4-159.el8.s390x.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm\n\nx86_64:\nglib2-2.56.4-159.el8.i686.rpm\nglib2-2.56.4-159.el8.x86_64.rpm\nglib2-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-debugsource-2.56.4-159.el8.i686.rpm\nglib2-debugsource-2.56.4-159.el8.x86_64.rpm\nglib2-devel-2.56.4-159.el8.i686.rpm\nglib2-devel-2.56.4-159.el8.x86_64.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-fam-2.56.4-159.el8.x86_64.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-tests-2.56.4-159.el8.x86_64.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm\n\nRed Hat CodeReady Linux Builder (v. 8):\n\naarch64:\nglib2-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-debugsource-2.56.4-159.el8.aarch64.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm\nglib2-static-2.56.4-159.el8.aarch64.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm\n\nnoarch:\nglib2-doc-2.56.4-159.el8.noarch.rpm\n\nppc64le:\nglib2-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-debugsource-2.56.4-159.el8.ppc64le.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm\nglib2-static-2.56.4-159.el8.ppc64le.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm\n\ns390x:\nglib2-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-debugsource-2.56.4-159.el8.s390x.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm\nglib2-static-2.56.4-159.el8.s390x.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm\n\nx86_64:\nglib2-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-debugsource-2.56.4-159.el8.i686.rpm\nglib2-debugsource-2.56.4-159.el8.x86_64.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm\nglib2-static-2.56.4-159.el8.i686.rpm\nglib2-static-2.56.4-159.el8.x86_64.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.i686.rpm\nglib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2022-22624\nhttps://access.redhat.com/security/cve/CVE-2022-22628\nhttps://access.redhat.com/security/cve/CVE-2022-22629\nhttps://access.redhat.com/security/cve/CVE-2022-22662\nhttps://access.redhat.com/security/cve/CVE-2022-26700\nhttps://access.redhat.com/security/cve/CVE-2022-26709\nhttps://access.redhat.com/security/cve/CVE-2022-26710\nhttps://access.redhat.com/security/cve/CVE-2022-26716\nhttps://access.redhat.com/security/cve/CVE-2022-26717\nhttps://access.redhat.com/security/cve/CVE-2022-26719\nhttps://access.redhat.com/security/cve/CVE-2022-30293\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. Bugs fixed (https://bugzilla.redhat.com/):\n\n2064698 - CVE-2020-36518 jackson-databind: denial of service via a large depth of nested objects\n2135244 - CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n2135247 - CVE-2022-42004 jackson-databind: use of deeply nested arrays\n\n5. Description:\n\nSubmariner enables direct networking between pods and services on different\nKubernetes clusters that are either on-premises or in the cloud. \n\nFor more information about Submariner, see the Submariner open source\ncommunity website at: https://submariner.io/. \n\nSecurity fixes:\n\n* CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage\ntakes a long time to parse complex tags\n\nBugs addressed:\n\n* Build Submariner 0.13.3 (ACM-2226)\n* Verify Submariner with OCP 4.12 (ACM-2435)\n* Submariner does not support cluster \"kube-proxy ipvs mode\" (ACM-2821)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nACM-2226 - [ACM 2.6.4] Build Submariner 0.13.3\nACM-2435 - [ACM 2.6.4] Verify Submariner with OCP 4.12\nACM-2821 - [Submariner] - 0.13.3 - Submariner does not support cluster \"kube-proxy ipvs mode\"\n\n6. Description:\n\nVersion 1.27.0 of the OpenShift Serverless Operator is supported on Red Hat\nOpenShift Container Platform versions 4.8, 4.9, 4.10, 4.11 and 4.12. \n\nThis release includes security and bug fixes, and enhancements. \n* golang: regexp/syntax: limit memory used by parsing regexps\n(CVE-2022-41715)\n* golang: net/http: handle server errors after sending GOAWAY\n(CVE-2022-27664)\n* golang: net/http/httputil: ReverseProxy should not forward unparseable\nquery parameters (CVE-2022-2880)\n* golang: archive/tar: unbounded memory consumption when reading headers\n(CVE-2022-2879)\n\nFor more details about the security issues, including the impact; a CVSS\nscore;\nacknowledgments; and other related information refer to the CVE pages\nlinked in the References section. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY\n2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers\n2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters\n2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps\n2154755 - Release of OpenShift Serverless Eventing 1.27.0\n2154757 - Release of OpenShift Serverless Serving 1.27.0\n\n5. Description:\n\nService Binding manages the data plane for applications and backing\nservices. Bugs fixed (https://bugzilla.redhat.com/):\n\n2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests\n\n5. Summary:\n\nThe Migration Toolkit for Containers (MTC) 1.7.6 is now available. Description:\n\nThe Migration Toolkit for Containers (MTC) enables you to migrate\nKubernetes resources, persistent volume data, and internal container images\nbetween OpenShift Container Platform clusters, using the MTC web console or\nthe Kubernetes API. \n\nSecurity Fix(es) from Bugzilla:\n\n* golang: net/http: improper sanitization of Transfer-Encoding header\n(CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions\n(CVE-2022-1962)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit\nX-Forwarded-For not working (CVE-2022-32148)\n\n* golang: crypto/tls: session tickets lack random ticket_age_add\n(CVE-2022-30629)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add\n2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob\n2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header\n2107376 - CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions\n2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working\n2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob\n2107388 - CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode\n2107390 - CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip\n2107392 - CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal\n2132957 - Migration fails at UnQuiesceDestApplications step in OCP 4.12\n2137304 - Location for host cluster is missing in the UI\n2140208 - When editing a MigHook in the UI, the page may fail to reload\n2143628 - Unable to create Storage Class Conversion plan due to missing cronjob error in OCP 4.12\n2143872 - Namespaces page in web console stuck in loading phase\n2149920 - Migration fails at prebackupHooks step\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nMIG-1240 - Implement proposed changes for DVM support with PSAs in 4.12\n\n6",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22624"
},
{
"db": "VULHUB",
"id": "VHN-411252"
},
{
"db": "PACKETSTORM",
"id": "166318"
},
{
"db": "PACKETSTORM",
"id": "168226"
},
{
"db": "PACKETSTORM",
"id": "169760"
},
{
"db": "PACKETSTORM",
"id": "170179"
},
{
"db": "PACKETSTORM",
"id": "171026"
},
{
"db": "PACKETSTORM",
"id": "170956"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "170243"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-22624",
"trust": 1.9
},
{
"db": "PACKETSTORM",
"id": "170956",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "166318",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "171026",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "168226",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "169760",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "170210",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169889",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166316",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169920",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171144",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170806",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166317",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170898",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-411252",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170179",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171127",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "170243",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411252"
},
{
"db": "PACKETSTORM",
"id": "166318"
},
{
"db": "PACKETSTORM",
"id": "168226"
},
{
"db": "PACKETSTORM",
"id": "169760"
},
{
"db": "PACKETSTORM",
"id": "170179"
},
{
"db": "PACKETSTORM",
"id": "171026"
},
{
"db": "PACKETSTORM",
"id": "170956"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "170243"
},
{
"db": "NVD",
"id": "CVE-2022-22624"
}
]
},
"id": "VAR-202203-0111",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-411252"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:46:58.879000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411252"
},
{
"db": "NVD",
"id": "CVE-2022-22624"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213182"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213183"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213186"
},
{
"trust": 1.1,
"url": "https://support.apple.com/en-us/ht213187"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22629"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22628"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22624"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22662"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-26716"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-22628"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-22629"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-30293"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-22662"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-26709"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-26700"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-26719"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-26710"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-22624"
},
{
"trust": 0.6,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2022-26717"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26709"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26700"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26710"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-42898"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2022-1304"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26719"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26717"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-26716"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3709"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-3709"
},
{
"trust": 0.4,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2022-2509"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1304"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30293"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-3515"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-35527"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-35525"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35527"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35525"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-37434"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-35737"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-40304"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-46848"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-46848"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2022-40303"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0924"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0562"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0908"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0865"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0561"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0562"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-22844"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0865"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-27405"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0909"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0561"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-27406"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-27404"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0891"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1355"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-43680"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-42012"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2509"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-42010"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-42011"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-27664"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22609"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22610"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22670"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht201222."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22637"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22666"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht204641"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22613"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22633"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22654"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-36976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22640"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22638"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht213193."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22611"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22615"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22614"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22589"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22677"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2294"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2022-0008.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-30294"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22590"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2022-0002.html"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/glsa/202208-39"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22592"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32893"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32792"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2022-0003.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32784"
},
{
"trust": 0.1,
"url": "https://webkitgtk.org/security/wsa-2022-0007.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7704"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36516"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24448"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:8889"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0168"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0617"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2639"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1055"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2097"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-26373"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-20368"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1048"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3640"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0617"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-39399"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0854"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29581"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1016"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2078"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2938"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21499"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1927"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-36946"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-42003"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1852"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0854"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0168"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21624"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21626"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28390"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30002"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36518"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-27950"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2586"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23960"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3640"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36518"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1184"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25255"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-34903"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21619"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-42004"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1292"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36516"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28893"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3821"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2601"
},
{
"trust": 0.1,
"url": "https://submariner.io/."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3787"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-2601"
},
{
"trust": 0.1,
"url": "https://submariner.io/getting-started/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-40674"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32149"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-3775"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0795"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/add-ons/add-ons-overview#submariner-deploy-console"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30698"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30699"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-41974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0709"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2023-21835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2879"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2023-21843"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-2880"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-41715"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-41717"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-35737"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-47629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0908"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1962"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28852"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1122"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28131"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32148"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28852"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28851"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30630"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-32189"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-28851"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:9047"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30629"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25308"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0924"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1122"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25310"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0909"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30633"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0891"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-30635"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-25309"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411252"
},
{
"db": "PACKETSTORM",
"id": "166318"
},
{
"db": "PACKETSTORM",
"id": "168226"
},
{
"db": "PACKETSTORM",
"id": "169760"
},
{
"db": "PACKETSTORM",
"id": "170179"
},
{
"db": "PACKETSTORM",
"id": "171026"
},
{
"db": "PACKETSTORM",
"id": "170956"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "170243"
},
{
"db": "NVD",
"id": "CVE-2022-22624"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-411252"
},
{
"db": "PACKETSTORM",
"id": "166318"
},
{
"db": "PACKETSTORM",
"id": "168226"
},
{
"db": "PACKETSTORM",
"id": "169760"
},
{
"db": "PACKETSTORM",
"id": "170179"
},
{
"db": "PACKETSTORM",
"id": "171026"
},
{
"db": "PACKETSTORM",
"id": "170956"
},
{
"db": "PACKETSTORM",
"id": "171127"
},
{
"db": "PACKETSTORM",
"id": "170243"
},
{
"db": "NVD",
"id": "CVE-2022-22624"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-23T00:00:00",
"db": "VULHUB",
"id": "VHN-411252"
},
{
"date": "2022-03-15T15:48:26",
"db": "PACKETSTORM",
"id": "166318"
},
{
"date": "2022-09-01T16:33:44",
"db": "PACKETSTORM",
"id": "168226"
},
{
"date": "2022-11-08T13:47:18",
"db": "PACKETSTORM",
"id": "169760"
},
{
"date": "2022-12-09T14:52:40",
"db": "PACKETSTORM",
"id": "170179"
},
{
"date": "2023-02-16T15:45:25",
"db": "PACKETSTORM",
"id": "171026"
},
{
"date": "2023-02-10T15:49:15",
"db": "PACKETSTORM",
"id": "170956"
},
{
"date": "2023-02-27T14:51:11",
"db": "PACKETSTORM",
"id": "171127"
},
{
"date": "2022-12-15T15:35:54",
"db": "PACKETSTORM",
"id": "170243"
},
{
"date": "2022-09-23T19:15:10.877000",
"db": "NVD",
"id": "CVE-2022-22624"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-28T00:00:00",
"db": "VULHUB",
"id": "VHN-411252"
},
{
"date": "2022-09-28T12:03:19.697000",
"db": "NVD",
"id": "CVE-2022-22624"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple Security Advisory 2022-03-14-2",
"sources": [
{
"db": "PACKETSTORM",
"id": "166318"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "overflow, spoof, code execution",
"sources": [
{
"db": "PACKETSTORM",
"id": "166318"
}
],
"trust": 0.1
}
}
Loading...